ID CVE-2018-20684
Summary In WinSCP before 5.14 beta, due to missing validation, the scp implementation would accept arbitrary files sent by the server, potentially overwriting unrelated files. This affects TSCPFileSystem::SCPSink in core/ScpFileSystem.cpp.
References
Vulnerable Configurations
CVSS
Base: None
Impact:
Exploitability:
refmap via4
bid 106526
misc
Last major update 10-01-2019 - 16:29
Published 10-01-2019 - 16:29
Last modified 12-01-2019 - 06:29
Back to Top