CVE-1999-0080

Summary

CVE-1999-0080 is a vulnerability affecting certain configurations of wu-ftp FTP server version 2.4. This issue arises due to the _PATH_EXECPATH setting being set to a dangerous directory, such as /bin. Consequently, authenticated remote users are able to execute dangerous commands, including those that grant root access, through the "site exec" command. This vulnerability poses a significant risk, as it enables attackers to gain elevated privileges on the affected system. It is essential for administrators to update their FTP servers to a version that does not contain this vulnerability or take other mitigating measures to prevent unauthorized command execution.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.