CVE-2007-4843

EPSS 5.59% · P90 Updated Feb 27, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-4843

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Directory traversal vulnerability in X-Diesel Unreal Commander 0.92 build 565 and 573 allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a filename. NOTE: this can be leveraged for code execution by writing to a Startup folder.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Unreal Commander FTP服务器远程目录遍历漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Unreal Commander是一款免费的Windows平台文件管理器。 Unreal Commander的实现上存在多个安全漏洞，远程攻击者可能利用此漏洞导致缓冲区溢出或拒绝服务。 Unreal Commander的FTP功能没有正确地检查所要下载文件的名称，如果文件名中包含有反斜杠和句号的话，就可能将该文件下载到攻击者所选择的任意位置。例如，FTP服务器可能发送类似于以下的文件： -rwxr-xr-x 2 ftp ftp 4096 Aug 1 02:28 st\..\..\..\..\..\Back

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2007-4843

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2007-4843

请登录查看更多情报信息。

http://blog.hispasec.com/lab/advisories/adv_UnrealCommander_0_92_build_573_Multiple_FTP_Based_Vulnerabilities.txtx_refsource_MISC
http://securityreason.com/securityalert/3125third-party-advisoryx_refsource_SREASON
http://www.securityfocus.com/bid/25583vdb-entryx_refsource_BID
http://secunia.com/advisories/26739third-party-advisoryx_refsource_SECUNIA
http://osvdb.org/39615vdb-entryx_refsource_OSVDB
http://www.securityfocus.com/archive/1/478728/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2007-4843

Same Patch Batch · n/a · 2007-09-12 · 31 CVEs total

CVE-2007-4834		PhpRealty 多个远程文件包含漏洞
CVE-2007-4849		Linux Kernel JFFS2文件系统不安全权限设置漏洞
CVE-2007-4848		Microsoft Internet Explorer 安全漏洞
CVE-2007-4847		Google Picasa图像文件读取问题
CVE-2007-4846		Webace Webace Webace-linkscript SQL注入漏洞
CVE-2007-4845		RW::Download Index.PHP 多个SQL注入漏洞
CVE-2007-4844		Unreal Commander FTP服务器拒绝服务攻击漏洞
CVE-2007-4842		Enriva Enriva Development Magellan Explorer 路径遍历漏洞
CVE-2007-4841		Mozilla Firefox 输入验证错误漏洞
CVE-2007-4840		PHP 多个拒绝服务漏洞
CVE-2007-4839		IBM WebSphere Application Server (WAS)的PD tools组件未明漏洞
CVE-2007-4838		CellFactor Revolution缓冲区溢出漏洞
CVE-2007-4837		Proxy Anket Proxy Anket SQL注入漏洞
CVE-2007-4836		PhpMyQuote 跨站脚本攻击漏洞
CVE-2007-4835		PhpMyQuote SQL注入漏洞
CVE-2007-2930		ISC BIND 8远程缓存破坏漏洞
CVE-2007-4833		IBM WebSphere Application Server Edge Component 未明漏洞
CVE-2007-4832		CellFactor Revolution 格式串漏洞
CVE-2007-4831		TorrentTrader 跨站脚本攻击漏洞
CVE-2007-4830		DirectAdmin 跨站脚本攻击漏洞

Showing top 20 of 31 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2007-4843

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2007-4843

I. Basic Information for CVE-2007-4843

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2007-4843

III. Intelligence Information for CVE-2007-4843

Same Patch Batch · n/a · 2007-09-12 · 31 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2007-4843

Leave a comment