Directory traversal vulnerability in X-Diesel Unreal Commander 0.92 build 565 and 573 allows remote FTP servers to create or overwrite arbitrary files via a … (dot dot) in a filename. NOTE: this can be leveraged for code execution by writing to a Startup folder.
CPE | Name | Operator | Version |
---|---|---|---|
unreal_commander | eq | 0.92.0-build565 | |
unreal_commander | eq | 0.92.0-build573 |