Directory traversal vulnerability in Gummy Bear Studios FTP Drive + HTTP Server 1.0.4 and earlier allows remote attackers to read arbitrary files via a ..%2f (encoded dot dot slash) in a GET request. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Path Traversal
Ftp Drive Http Server
NVD
CVSS 2.0
7.8
EPSS
0.2%