Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. A directory traversal vulnerability exists using the SIZE command along with a ….\ substring, allowing an attacker to enumerate file existence based on the returned information.