Insecure Access Control Permissions in MELAG FTP Server 2.2.0.4

Insecure Access Control Permissions in MELAG FTP Server 2.2.0.4

CVE-2021-41637 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Weak access control permissions in MELAG FTP Server 2.2.0.4 allow the "Everyone" group to read the local FTP configuration file, which includes among other information the unencrypted passwords of all FTP users.

Learn more about our Cis Benchmark Audit For Server Software.