A directory traversal vulnerability exists in ColoradoFTP Server ≤ 1.3 Build 8 for Windows, allowing unauthenticated attackers to read or write arbitrary files outside the configured FTP root directory. The flaw is due to insufficient sanitation of user-supplied file paths in the FTP GET and PUT command handlers. Exploitation is possible by submitting traversal sequences during FTP operations, enabling access to system-sensitive files. This issue affects only the Windows version of ColoradoFTP.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Wed, 16 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00413}


Tue, 15 Jul 2025 14:30:00 +0000


Tue, 15 Jul 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 15 Jul 2025 14:00:00 +0000


Tue, 15 Jul 2025 13:15:00 +0000

Type Values Removed Values Added
Description A directory traversal vulnerability exists in ColoradoFTP Server ≤ 1.3 Build 8 for Windows, allowing unauthenticated attackers to read or write arbitrary files outside the configured FTP root directory. The flaw is due to insufficient sanitation of user-supplied file paths in the FTP GET and PUT command handlers. Exploitation is possible by submitting traversal sequences during FTP operations, enabling access to system-sensitive files. This issue affects only the Windows version of ColoradoFTP.
Title ColoradoFTP Server <= 1.3 Build 8 Path Traversal Information Disclosure
Weaknesses CWE-22
CWE-306
CWE-552
References
Metrics cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2025-07-15T13:44:56.509Z

Reserved: 2025-04-15T19:15:22.560Z

Link: CVE-2025-34110

cve-icon Vulnrichment

Updated: 2025-07-15T13:44:47.466Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-07-15T13:15:30.833

Modified: 2025-07-15T20:07:28.023

Link: CVE-2025-34110

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.