This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.
The remote Windows host has a program that allows arbitrary file
According to its version, the installation of WinSCP on the remote
host fails to completely sanitize input to the SCP and SFTP protocol
handlers. If an attacker can trick a user on the affected host into
clicking on a malicious link, a file transfer can be initiated to or
from the affected host.
See also :
Upgrade to WinSCP version 4.0.4 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.7
Public Exploit Available : true