logo_clicknbuy.png

CVE-2011-10010 – QuickShare File Server FTP Path Traversal Vulnerability

The following table lists the changes that have been made to the
CVE-2011-10010 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution
of a vulnerability, and for identifying the most recent changes that may
impact the vulnerability’s severity, exploitability, or other characteristics.

  • New CVE Received
    by [email protected]

    Aug. 13, 2025

    Action Type Old Value New Value
    Added Tag unsupported-when-assigned
    Added Description QuickShare File Server 1.2.1 contains a path traversal vulnerability in its FTP service due to improper sanitation of user-supplied file paths. Authenticated users can exploit this flaw by submitting crafted sequences to access or write files outside the intended virtual directory. When the “Writable” option is enabled (default during account creation), this allows attackers to upload arbitrary files to privileged locations such as system32, enabling remote code execution via MOF injection or executable placement.
    Added CVSS V4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
    Added CWE CWE-22
    Added Reference https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/quickshare_traversal_write.rb
    Added Reference https://web.archive.org/web/20110814125645/http://www.digital-echidna.org/2011/02/quickshare-file-share-1-2-1-directory-traversal-vulnerability/
    Added Reference https://web.archive.org/web/20120125101026/http://www.quicksharehq.com/blog/quickshare-file-server-1-2-2-released.html
    Added Reference https://www.exploit-db.com/exploits/16105
    Added Reference https://www.exploit-db.com/exploits/18933
    Added Reference https://www.vulncheck.com/advisories/quickshare-file-server-path-traversal-rce
Share the Post:

Related Posts