CVE-2019-16864
Published
CVSS v3
8.8
HIGH
CVSS v2
8.5
HIGH
Affected
1
PROJECT
Description
CompleteFTPService.exe in the server in EnterpriseDT CompleteFTP before 12.1.4 allows Remote Code Execution by leveraging a Windows user account that has SSH access. The exec command is always run as SYSTEM.
Proof-of-Concept exploits for CVEs found by the team at Rhino Security Labs
GitHub