Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on files modified within the HTTP file management interface, resulting in files being saved with world-readable and world-writable permissions. If a sensitive system file were edited this way, a low-privilege user may escalate privileges to root.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.hooperlabs.xyz/disclosures/cve-2020-8635.php |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-03-06T23:33:20
Updated: 2024-08-04T10:03:46.369Z
Reserved: 2020-02-05T00:00:00
Link: CVE-2020-8634
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-03-07T00:15:13.240
Modified: 2024-11-21T05:39:09.700
Link: CVE-2020-8634
Redhat
No data.