
Description

A directory traversal vulnerability exists in ColoradoFTP Server ≤ 1.3 Build 8 for Windows, allowing unauthenticated attackers to read or write arbitrary files outside the configured FTP root directory. The flaw is due to insufficient sanitisation of user-supplied file paths in the FTP GET and PUT command handlers. Exploitation is possible by submitting traversal sequences during FTP operations, enabling access to system-sensitive files. This issue affects only the Windows version of ColoradoFTP.
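The defensive point behind CWE-22 is that a client-supplied path must be resolved against the configured FTP root and then checked on the normalised result, not filtered as a string. The following is an added example written for this record, not code from ColoradoFTP or from the referenced exploit or patch; it uses Python's ntpath so that Windows path rules (backslash and forward slash both act as separators, and a drive-qualified path replaces whatever it is joined onto) apply deterministically on any host. The root directory `C:\srv\ftp`, the function names and the sample request paths are constructed for illustration.

```python
import ntpath

# Constructed example FTP root; a real server uses whatever the administrator configured.
FTP_ROOT = r"C:\srv\ftp"


def naive_resolve(root, requested):
    """The unsafe pattern: glue the client-supplied path onto the root and
    normalise it, with no check that the result is still under the root.
    Any '..' components in `requested` walk straight out of `root`."""
    return ntpath.normpath(root + "\\" + requested)


def confined_resolve(root, requested):
    """Resolve `requested` relative to `root` and refuse any result that lands
    outside it. Raises PermissionError rather than silently remapping, so the
    caller can log the attempt and answer the client with an FTP 550 error."""
    root = ntpath.normpath(root)
    if "\x00" in requested:
        raise PermissionError("NUL byte in requested path")

    # An FTP-absolute path like '/pub/x' is relative to the virtual root, so
    # drop leading separators before joining. Note that ntpath.join discards
    # `root` entirely if `requested` is drive-qualified (e.g. 'C:\...'), and
    # ntpath.normpath treats '/' and '\' alike, which is exactly why the only
    # reliable test is on the normalised *result* rather than the input string.
    candidate = ntpath.normpath(ntpath.join(root, requested.lstrip("/\\")))

    # Case-insensitive comparison, as the Windows filesystem is.
    cand_cmp = ntpath.normcase(candidate)
    root_cmp = ntpath.normcase(root)
    if cand_cmp != root_cmp and not cand_cmp.startswith(root_cmp + "\\"):
        raise PermissionError(f"path escapes FTP root: {requested!r}")
    return candidate


def is_confined(root, requested):
    """Convenience wrapper returning True if `requested` stays under `root`."""
    try:
        confined_resolve(root, requested)
        return True
    except PermissionError:
        return False


if __name__ == "__main__":
    # Constructed request paths as an FTP GET/PUT handler might receive them.
    for req in [r"pub\readme.txt", "pub/readme.txt", "../../Windows/win.ini",
                r"..\..\Windows\win.ini", r"C:\Windows\win.ini"]:
        print(f"{req!r:32} naive -> {naive_resolve(FTP_ROOT, req)!s:32} "
              f"confined -> {'allow' if is_confined(FTP_ROOT, req) else 'deny'}")
```

In a production handler the confinement check belongs in one place that every path-taking command (GET, PUT, LIST, DELE, and so on) goes through, and the denied attempts are worth logging with the client address and the raw request, since a burst of `..` sequences against an FTP service is a cheap detection signal. On a real Windows host, `os.path.realpath` on the candidate before the comparison additionally resolves junctions and symbolic links that string normalisation cannot see.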

State PUBLISHED | Reserved 2025-04-15 | Published 2025-07-15 | Updated 2026-05-15 | Assigner VulnCheck

CRITICAL: 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

Problem types

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-552 Files or Directories Accessible to External Parties

CWE-306 Missing Authentication for Critical Function

Product status

Default status: unaffected

Any version: affected

Credits

RvLaboratory finder

References

raw.githubusercontent.com/...r/ftp/colorado_ftp_traversal.rb exploit

www.exploit-db.com/exploits/40231 exploit

bitbucket.org/...ts/16a60c4a74ef477cd8c16ca82442eaab2fbe8c86 patch

www.vulncheck.com/...r-path-traversal-information-disclosure third-party-advisory

cve.org (CVE-2025-34110)

nvd.nist.gov (CVE-2025-34110)
