CVE-2023-45686

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Oct 16, 2023

Updated: Oct 24, 2023

CWE ID 22

Summary

CVE-2023-45686 is a vulnerability affecting South River Technologies' Titan MFT and Titan SFTP servers running on Linux. An authenticated attacker can exploit insufficient path validation during file writing via WebDAV, enabling them to traverse directories and write files to any location on the targeted system. This issue poses a serious security risk and could lead to unauthorized file manipulation or data leakage. It is strongly recommended that affected organizations apply the necessary patches or updates to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s9YWdi
https://www.cve.org/CVERecord?id=CVE-2023-45686
https://nvd.nist.gov/vuln/detail/CVE-2023-45686

Back to Vulnerability Database

CVE-2023-45686

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations