This page lists publicly disclosed CVE vulnerabilities affecting southrivertech titan_ftp_server (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-45690 | Default file permissions on South River Technologies' Titan MFT and Titan SFTP servers on Linux allows a user that's authentication to the OS to read sensitive files on the filesystem | [email protected] | 4.9 | 1.48% | 2023-10-16 | 2026-06-17 |
| CVE-2022-44215 | There is an open redirect vulnerability in Titan FTP server 19.0 and below. Users are redirected to any target URL. | [email protected] | 6.1 | 0.75% | 2023-08-22 | 2026-06-17 |
| CVE-2023-22629 | An issue was discovered in TitanFTP through 1.94.1205. The move-file function has a path traversal vulnerability in the newPath parameter. An authenticated attacker can upload any file and then move it anywhere on the server's filesystem. | [email protected] | 8.8 | 12.32% | 2023-02-14 | 2026-06-17 |
| CVE-2019-10009 | A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. When an authenticated user attempts to preview an uploaded file (through PreviewHandler.ashx) by using a \..\..\ technique, arbitrary files can be loaded in the server response outside the root directory. | [email protected] | 6.5 | 11.47% | 2019-06-03 | 2026-06-16 |
| CVE-2014-1843 | Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to obtain the property information of an arbitrary home folder via a Properties action with a .. (dot dot) in the src parameter. | [email protected] | 5.0 | 4.67% | 2014-04-29 | 2026-06-16 |
| CVE-2014-1842 | Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to list all usernames via a Go action with a .. (dot dot) in the search-bar value. | [email protected] | 5.0 | 4.79% | 2014-04-29 | 2026-06-16 |
| CVE-2014-1841 | Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to copy an arbitrary user's home folder via a Move action with a .. (dot dot) in the src parameter. | [email protected] | 5.0 | 4.85% | 2014-04-29 | 2026-06-16 |
| CVE-2010-2426 | Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read arbitrary files, determine file size, via "..//" sequences in the xcrc command. | [email protected] | 4.0 | 12.26% | 2010-06-24 | 2026-06-16 |
| CVE-2010-2425 | Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via "..//" sequences in a COMB command. | [email protected] | 6.5 | 1.22% | 2010-06-24 | 2026-06-16 |
| CVE-2008-6082 | Titan FTP Server 6.26 build 630 allows remote attackers to cause a denial of service (CPU consumption) via the SITE WHO command. | [email protected] | 5.0 | 44.58% | 2009-02-06 | 2026-06-16 |