Freefloat FTP Server ‘WMI’ Service Arbitrary File Upload Vulnerability


Freefloat FTP Server is prone to an arbitrary file-upload vulnerability because it fails to adequately validate files before uploading them.


The information has been provided by Facundo M. de la Cruz.


Vulnerable Systems:
 * Freefloat Freefloat FTP Server 0

An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application.

Attackers can exploit this issue through a browser.
The following exploit code is available:

Disclosure Timeline:
Published: December 09 2012

Categories: News