CVE-2020-14056

Monsta FTP 2.10.1 or below is prone to a server-side request forgery vulnerability due to insufficient restriction of the web fetch functionality. This allows attackers to read arbitrary local files and interact with arbitrary third-party services.
Configurations

Configuration 1 (hide)

cpe:2.3:a:monstaftp:monsta_ftp:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-07-01 17:15

Updated : 2023-12-10 13:27


NVD link : CVE-2020-14056

Mitre link : CVE-2020-14056

CVE.ORG link : CVE-2020-14056


JSON object : View

Products Affected

monstaftp

  • monsta_ftp
CWE
CWE-918

Server-Side Request Forgery (SSRF)