#VU101665 Improper privilege management in ProFTPD - CVE-2024-48651
Published: December 11, 2024 / Updated: February 25, 2025
Vulnerability identifier: #VU101665
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/U:Amber
CVE-ID: CVE-2024-48651
CWE-ID: CWE-269
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
ProFTPD
ProFTPD
Software vendor:
ProFTPD
ProFTPD
Description
The vulnerability allows a remote user to compromise the affected system.
The vulnerability exists due to improper privilege management when handling users without assigned supplementary groups. If the user has no groups assigned to their account, the server will assume the GID of 0 for this account. As a result, the user will gain access to files and directories owned by the system root user and will be able to modify them at will, leading to privilege escalation and system compromise.
Remediation
Install update from vendor's website.