CVE-2019-9648

EPSS 19.73% · P95 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2019-9648

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. A directory traversal vulnerability exists using the SIZE command along with a \..\..\ substring, allowing an attacker to enumerate file existence based on the returned information.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

CoreFTP SFTP Server/FTP Server 路径遍历漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

CoreFTP SFTP Server/FTP Server是一款文件传输服务器。 CoreFTP Server FTP/SFTP Server 2 build 674版本中存在路径遍历漏洞。攻击者可借助‘....’序列利用该漏洞浏览根目录之外的位置，确定所存在的文件。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2019-9648

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2019-9648

请登录查看更多情报信息。

http://www.coreftp.com/forums/viewtopic.php?f=15&t=4022509x_refsource_CONFIRM
http://packetstormsecurity.com/files/154204/CoreFTP-Server-SIZE-Directory-Traversal.htmlx_refsource_MISC
https://www.exploit-db.com/exploits/46535exploitx_refsource_EXPLOIT-DB
http://www.securityfocus.com/bid/107446vdb-entryx_refsource_BID
https://seclists.org/fulldisclosure/2019/Mar/23mailing-listx_refsource_FULLDISC
http://seclists.org/fulldisclosure/2019/Aug/21mailing-listx_refsource_FULLDISC
https://nvd.nist.gov/vuln/detail/CVE-2019-9648

Same Patch Batch · n/a · 2019-03-22 · 11 CVEs total

CVE-2018-20165		OpenText Portal 跨站脚本漏洞
CVE-2019-9649		Core FTP SFTP Server组件路径遍历漏洞
CVE-2019-9939		SHAREit application for Android 授权问题漏洞
CVE-2019-9938		SHAREit application for Android 信息泄露漏洞
CVE-2019-9937		SQLite 代码问题漏洞
CVE-2019-9936		SQLite 缓冲区错误漏洞
CVE-2019-9923		GNU Tar 代码问题漏洞
CVE-2019-9927		Caret 输入验证错误漏洞
CVE-2019-9925		S-CMS 跨站脚本漏洞
CVE-2019-9924		Bash 输入验证错误漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2019-9648

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2019-9648

I. Basic Information for CVE-2019-9648

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2019-9648

III. Intelligence Information for CVE-2019-9648

Same Patch Batch · n/a · 2019-03-22 · 11 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2019-9648

Leave a comment