ftp-srv is vulnerable to server-side request forgery. A remote client is able to submit requests on behalf of the server and access resources within the internal network accessible by the server, including private resources in the hosting environment.