Security Advisory

CVE-2020-14056

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-07-01 16:06:43
Last updated 2024-08-04 12:32:14
Assigner mitre
State PUBLISHED

Description

Monsta FTP 2.10.1 or below is prone to a server-side request forgery vulnerability due to insufficient restriction of the web fetch functionality. This allows attackers to read arbitrary local files and interact with arbitrary third-party services.