Improper privilege management in ProFTPD - CVE-2024-48651
Published: December 11, 2024 / Updated: February 25, 2025
Vulnerability identifier: #VU101665
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/U:Amber
CVE-ID: CVE-2024-48651
CWE-ID: CWE-269
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: ProFTPD
Affected software:
ProFTPD
ProFTPD
Detailed vulnerability description
The vulnerability allows a remote user to compromise the affected system.
The vulnerability exists due to improper privilege management when handling users without assigned supplementary groups. If the user has no groups assigned to their account, the server will assume the GID of 0 for this account. As a result, the user will gain access to files and directories owned by the system root user and will be able to modify them at will, leading to privilege escalation and system compromise.
How to mitigate CVE-2024-48651
Install update from vendor's website.