Details of VAR-202001-1622

ID

VAR-202001-1622

CVE

CVE-2020-5221

TITLE

uftpd path traversal vulnerability

Trust: 1.2

sources: CNVD: CNVD-2020-13520 // CNNVD: CNNVD-202001-1016

DESCRIPTION

In uftpd before 2.11, it is possible for an unauthenticated user to perform a directory traversal attack using multiple different FTP commands and read and write to arbitrary locations on the filesystem due to the lack of a well-written chroot jail in compose_abspath(). This has been fixed in version 2.11. uftpd Contains a path traversal vulnerability.The information may be obtained and the information may be altered. uftpd is a FTP / TFTP file transfer server based on Linux platform. Path traversal vulnerability exists in uftpd before version 2.11

Trust: 2.16

sources: NVD: CVE-2020-5221 // JVNDB: JVNDB-2020-001521 // CNVD: CNVD-2020-13520

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-13520

AFFECTED PRODUCTS

vendor:	troglobit	model:	uftpd	scope:	lt	version:	2.11	Trust: 2.4
vendor:	troglobit	model:	uftpd	scope:	eq	version:	-	Trust: 0.8
vendor:	troglobit	model:	uftpd	scope:	eq	version:	0.1	Trust: 0.6
vendor:	troglobit	model:	uftpd	scope:	eq	version:	1.6	Trust: 0.6
vendor:	troglobit	model:	uftpd	scope:	eq	version:	1.7	Trust: 0.6
vendor:	troglobit	model:	uftpd	scope:	eq	version:	1.0	Trust: 0.6
vendor:	troglobit	model:	uftpd	scope:	eq	version:	1.1	Trust: 0.6
vendor:	troglobit	model:	uftpd	scope:	eq	version:	1.2	Trust: 0.6
vendor:	troglobit	model:	uftpd	scope:	eq	version:	1.8	Trust: 0.6
vendor:	troglobit	model:	uftpd	scope:	eq	version:	1.5	Trust: 0.6
vendor:	troglobit	model:	uftpd	scope:	eq	version:	1.3	Trust: 0.6
vendor:	troglobit	model:	uftpd	scope:	eq	version:	1.4	Trust: 0.6

sources: CNVD: CNVD-2020-13520 // JVNDB: JVNDB-2020-001521 // CNNVD: CNNVD-202001-1016 // NVD: CVE-2020-5221

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-5221
value:	HIGH
Trust: 1.0
security-advisories@github.com:	CVE-2020-5221
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2020-5221
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2020-13520
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202001-1016
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2020-5221
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2020-13520
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2020-5221
baseSeverity:	HIGH
baseScore:	7.2
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.7
version:	3.1
Trust: 1.0
security-advisories@github.com:	CVE-2020-5221
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	2.3
impactScore:	3.7
version:	3.1
Trust: 1.0
NVD:	CVE-2020-5221
baseSeverity:	HIGH
baseScore:	7.2
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2020-13520 // JVNDB: JVNDB-2020-001521 // CNNVD: CNNVD-202001-1016 // NVD: CVE-2020-5221 // NVD: CVE-2020-5221

PROBLEMTYPE DATA

problemtype:	CWE-22	Trust: 1.0
problemtype:	Path traversal (CWE-22) [NVD Evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2020-001521 // NVD: CVE-2020-5221

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-202001-1016

PATCH

title:	Directory Traversal (Chroot Escape)	url:	https://github.com/troglobit/uftpd/commit/455b47d3756aed162d2d0ef7f40b549f3b5b30fe	Trust: 0.8
title:	Patch for uftpd path traversal vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/204863	Trust: 0.6
title:	uftpd Repair measures for path traversal vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=107355	Trust: 0.6

sources: CNVD: CNVD-2020-13520 // JVNDB: JVNDB-2020-001521 // CNNVD: CNNVD-202001-1016

EXTERNAL IDS

db:	NVD	id:	CVE-2020-5221	Trust: 3.0
db:	JVNDB	id:	JVNDB-2020-001521	Trust: 0.8
db:	CNVD	id:	CNVD-2020-13520	Trust: 0.6
db:	CNNVD	id:	CNNVD-202001-1016	Trust: 0.6

sources: CNVD: CNVD-2020-13520 // JVNDB: JVNDB-2020-001521 // CNNVD: CNNVD-202001-1016 // NVD: CVE-2020-5221

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2020-5221	Trust: 2.0
url:	https://github.com/troglobit/uftpd/commit/455b47d3756aed162d2d0ef7f40b549f3b5b30fe	Trust: 1.6
url:	https://github.com/troglobit/uftpd/security/advisories/ghsa-wmx8-v7mx-6x9h	Trust: 1.6

sources: CNVD: CNVD-2020-13520 // JVNDB: JVNDB-2020-001521 // CNNVD: CNNVD-202001-1016 // NVD: CVE-2020-5221

SOURCES

db:	CNVD	id:	CNVD-2020-13520
db:	JVNDB	id:	JVNDB-2020-001521
db:	CNNVD	id:	CNNVD-202001-1016
db:	NVD	id:	CVE-2020-5221

LAST UPDATE DATE

2024-11-23T22:58:26.179000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2020-13520	date:	2020-02-26T00:00:00
db:	JVNDB	id:	JVNDB-2020-001521	date:	2020-02-13T00:00:00
db:	CNNVD	id:	CNNVD-202001-1016	date:	2020-02-17T00:00:00
db:	NVD	id:	CVE-2020-5221	date:	2024-11-21T05:33:42.463

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2020-13520	date:	2020-02-26T00:00:00
db:	JVNDB	id:	JVNDB-2020-001521	date:	2020-02-13T00:00:00
db:	CNNVD	id:	CNNVD-202001-1016	date:	2020-01-22T00:00:00
db:	NVD	id:	CVE-2020-5221	date:	2020-01-22T19:15:13.127