ftp-srv@4.4.0

Vulnerabilities

1 via 1 paths

Dependencies

50

Source

npm

Find, fix and prevent vulnerabilities in your code.

Severity
  • 1
Status
  • 1
  • 0
  • 0

high severity

Server-side Request Forgery (SSRF)

  • Vulnerable module: ftp-srv
  • Introduced through: ftp-srv@4.4.0

Detailed paths

  • Introduced through: ftp-srv@4.4.0

Overview

ftp-srv is a Modern, extensible FTP Server

Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF). It fails to prevent remote clients to access other resources in the network, for example when connecting to the server through telnet. This allows attackers to access any network resources available to the server, including private resources in the hosting environment.

Remediation

There is no fixed version for ftp-srv.

References