ftp-srv is an open-source FTP server designed to be simple yet configurable. In ftp-srv there is a path-traversal vulnerability. Clients of FTP servers utilizing ftp-srv hosted on Windows machines can escape the FTP user's defined root folder using the expected FTP commands, for example, CWD and UPDR. When windows separators exist within the path (), path.resolve leaves the upper pointers intact and allows the user to move beyond the root …
All versions of ftp-srv is vulnerable to Server-Side Request Forgery (SSRF). The package fails to prevent remote clients to access other resources in the network, for example when connecting to the server through telnet. This allows attackers to access any network resources available to the server, including private resources in the hosting environment. Recommendation No fix is currently available. Consider using an alternative package until a fix is made available.
ftp-srv is vulnerable to Server-Side Request Forgery. The PORT command allows arbitrary IPs which can be used to cause the server to make a connection elsewhere. A possible workaround is blocking the PORT through the configuration.