VULHUB ™

IglooFTP does not properly sanitize server-supplied filenames during downloads, potentially allowing for files to be created or overwritten in the context of the client user. This issue is reported to occur when the FTP client is used to recursively download files from a remote FTP server. This issue reportedly exists in UNIX/Linux based versions of IglooFTP. It is not known if Windows versions are affected.

IglooFTP does not properly sanitize server-supplied filenames during downloads, potentially allowing for files to be created or overwritten in the context of the client user. This issue is reported to occur when the FTP client is used to recursively download files from a remote FTP server. This issue reportedly exists in UNIX/Linux based versions of IglooFTP. It is not known if Windows versions are affected.