CVE-1999-0080
CVSS 2.0 Score 10 of 10 (high)
Details
Summary
CVE-1999-0080 is a vulnerability affecting certain configurations of the wu-ftp FTP server version 2.4. The issue arises due to the _PATH_EXECPATH setting being set to a risky directory, such as /bin. This vulnerability enables remote authenticated users to execute dangerous commands, including gaining root access through the "site exec" command. The exploitation of this vulnerability can lead to serious security implications for affected systems. It is recommended that affected organizations update their wu-ftp FTP server to a secure version or apply the necessary patches to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- Washington University in St. Louis