Incomplete Authentication Checks in MELAG FTP Server 2.2.0.4 Allow Remote Access to Local Files

Incomplete Authentication Checks in MELAG FTP Server 2.2.0.4 Allow Remote Access to Local Files

CVE-2021-41638 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

The authentication checks of the MELAG FTP Server in version 2.2.0.4 are incomplete, which allows a remote attacker to access local files only by using a valid username.

Learn more about our Cis Benchmark Audit For Server Software.