CVE-2023-45686

CVE-2023-45686: Arbitrary file write via WebDAV path traversal in Titan MFT and Titan SFTP servers

Vendor South River Technologies
Product Titan MFT
Weakness CWE-22 · Path traversal
Published October 16, 2023
Last update September 16, 2024

CVSS base score

What the vulnerability does

01Description

Insufficient path validation when writing a file via WebDAV in South River Technologies' Titan MFT and Titan SFTP servers on Linux allows an authenticated attacker to write a file to any location on the filesystem via path traversal

Key dates

02Disclosure timeline

October 16, 2023 CVE published
September 16, 2024 Record updated