CVE-2020-8635

Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on installation directories and configuration files. This allows local users to arbitrarily create FTP users with full privileges, and escalate privileges within the operating system by modifying system files.

CVSS v3 7.8 HIGH
CVSS v2.0 7.2 HIGH

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://www.hooperlabs.xyz/disclosures/cve-2020-8635.php	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:wftpserver:wing_ftp_server:6.2.3:::::linux::
	cpe:2.3:a:wftpserver:wing_ftp_server:6.2.3:::::macos::
	cpe:2.3:a:wftpserver:wing_ftp_server:6.2.3:::::solaris::

History

No history.

Information

Published : 2020-03-07 00:15

Updated : 2023-12-10 13:13

NVD link : CVE-2020-8635

Mitre link : CVE-2020-8635

CVE.ORG link : CVE-2020-8635

JSON object : View

Products Affected

wftpserver

wing_ftp_server

CWE

CWE-732

Incorrect Permission Assignment for Critical Resource

{"id": "CVE-2020-8635", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2020-03-07T00:15:13.303", "references": [{"url": "https://www.hooperlabs.xyz/disclosures/cve-2020-8635.php", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-732"}]}], "descriptions": [{"lang": "en", "value": "Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on installation directories and configuration files. This allows local users to arbitrarily create FTP users with full privileges, and escalate privileges within the operating system by modifying system files."}, {"lang": "es", "value": "Wing FTP Server versi\u00f3n v6.2.3 para Linux, macOS y Solaris establecen permisos no seguros en la instalaci\u00f3n de directorios y archivos de configuraci\u00f3n. Esto permite a usuarios locales crear usuarios FTP arbitrariamente con privilegios completos y escalar privilegios dentro del sistema operativo mediante la modificaci\u00f3n de los archivos del sistema."}], "lastModified": "2021-07-21T11:39:23.747", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:wftpserver:wing_ftp_server:6.2.3:*:*:*:*:linux:*:*", "vulnerable": true, "matchCriteriaId": "A2057B2F-6A30-4493-9E0B-E73C67470D1B"}, {"criteria": "cpe:2.3:a:wftpserver:wing_ftp_server:6.2.3:*:*:*:*:macos:*:*", "vulnerable": true, "matchCriteriaId": "CFBEB412-B9C5-4216-B30C-A2616DE155B7"}, {"criteria": "cpe:2.3:a:wftpserver:wing_ftp_server:6.2.3:*:*:*:*:solaris:*:*", "vulnerable": true, "matchCriteriaId": "29A1D238-E336-4AFB-906D-691D141A1570"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}