Monstaftp Monsta_ftp
6 CVEs affecting Monstaftp Monsta_ftp. Latest disclosed: 2025-11-07. Critical: 5, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-34299 | Critical | 9.8 | 2025-11-07 | Monsta FTP versions 2.11 and earlier contain a vulnerability that allows unauthenticated arbitrary file uploads. This flaw enables attackers to execute arbitra… |
CVE-2022-27469 | Critical | 9.8 | 2022-04-26 | Monstaftp v2.10.3 was discovered to allow attackers to execute Server-Side Request Forgery (SSRF). |
CVE-2022-27468 | Critical | 9.8 | 2022-04-26 | Monstaftp v2.10.3 was discovered to contain an arbitrary file upload which allows attackers to execute arbitrary code via a crafted file uploaded to the web se… |
CVE-2020-14057 | Critical | 9.8 | 2020-07-01 | Monsta FTP 2.10.1 or below allows external control of paths used in filesystem operations. This allows attackers to read and write arbitrary local files, allow… |
CVE-2020-14056 | Critical | 9.8 | 2020-07-01 | Monsta FTP 2.10.1 or below is prone to a server-side request forgery vulnerability due to insufficient restriction of the web fetch functionality. This allows… |
CVE-2020-14055 | Medium | 6.1 | 2020-07-01 | Monsta FTP 2.10.1 or below is prone to a stored cross-site scripting vulnerability in the language setting due to insufficient output encoding. |