CVE-2023-45685

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Oct 16, 2023

Updated: Oct 24, 2023

CWE ID 22

Summary

CVE-2023-45685 is a newly disclosed vulnerability affecting South River Technologies' Titan MFT and Titan SFTP servers on both Windows and Linux platforms. This issue arises from insufficient path validation during the extraction of a zip archive. An authenticated attacker can exploit this path traversal vulnerability to write files to any desired location on the targeted system, potentially leading to serious security implications.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s9YWdr
https://www.cve.org/CVERecord?id=CVE-2023-45685
https://nvd.nist.gov/vuln/detail/CVE-2023-45685

Back to Vulnerability Database

CVE-2023-45685

CVSS 3.1 Score 9.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations