GCVE - cpe:2.3:a:ipswitch:ws_ftp_server:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:ipswitch:ws_ftp_server:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Ipswitch (`f980cf58-ade3-5008-97dc-5202aeb62886`)
Product	Ws Ftp Server (`cbd27d03-c882-5b5c-9a5b-ca116c4b26d3`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2019-12146`	vulnerable	2026-06-03 14:39:34.326789	Details available A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. Attackers have the ability to abuse a flaw in the SCP listener by crafting strings using specific patterns to write files and create directories outside of their authorized directory. Published: 2019-06-11T20:58:26.000Z Updated: 2024-08-04T23:10:30.614Z Open on db.gcve.eu Reference links https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-12145`	vulnerable	2026-06-03 14:39:34.326478	Details available A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose path names on the host operating system. Published: 2019-06-11T20:57:16.000Z Updated: 2024-08-04T23:10:30.579Z Open on db.gcve.eu Reference links https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-12144`	vulnerable	2026-06-03 14:39:34.326082	Details available An issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. Attackers have the ability to abuse a path traversal vulnerability using the SCP protocol. Attackers who leverage this flaw could also obtain remote code execution by crafting a payload that abuses the SITE command feature. Published: 2019-06-11T20:55:50.000Z Updated: 2024-08-04T23:10:30.779Z Open on db.gcve.eu Reference links https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.