CVE-2023-45198

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 5, 2023

Updated: Oct 11, 2023

Summary

CVE-2023-45198 is a vulnerability affecting the NetBSD-ftpd software before version 20230930. The issue allows unauthenticated attackers to leak information about the host filesystem through MLSD or MLST commands. This vulnerability also impacts the portable version, tnftpd, before 20231001. This security weakness can potentially enable further attacks by providing attackers with insights into the system's file structure.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s5F8va
https://www.cve.org/CVERecord?id=CVE-2023-45198
https://nvd.nist.gov/vuln/detail/CVE-2023-45198

Back to Vulnerability Database

CVE-2023-45198

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations