When installed as Windows service MELAG FTP Server 2.2.0.4 is run as SYSTEM user, which grants remote attackers to abuse misconfigurations or vulnerabilities with administrative access over the entire host system.
References
Link | Resource |
---|---|
https://www.securesystems.de/blog/advisory-and-exploitation-the-melag-ftp-server/ | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-06-24T11:46:04
Updated: 2022-06-24T11:46:04
Reserved: 2021-09-27T00:00:00
Link: CVE-2021-41635
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-06-24T12:15:08.063
Modified: 2022-07-01T16:40:20.960
Link: CVE-2021-41635
JSON object: View
Redhat Information
No data.
CWE