icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

SmartFTP Directory Traversal Vulnerability

Medium

Synopsis

The remote host has a FTP client installed that is vulnerable to a directory traversal attack

Description

The remote host is running SmartFTP, a FTP client for Windows.

Versions of SmartFTP earlier than 4.0.1124 are potentially affected by a directory traversal vulnerability. An attacker, exploiting this flaw, could trick a user into downloading a malicious file into a user's Startup folder.

Solution

Upgrade to SmartFTP 4.0.1124 or later.