FortiClient VulnerabilitySecurity Vulnerabilities fixed in WinSCP 5.17.10
Description
WinSCP before 5.17.10 allows remote attackers to execute arbitrary programs when the URL handler encounters a crafted URL that loads session settings. (For example, this is exploitable in a default installation in which WinSCP is the handler for sftp:// URLs.)
Affected Applications
WinSCP
CVE References
CVE-2021-3331Other References
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3331| ID | 2587 |
| Created | May 12, 2021 |
| Description Updated |
Nov 03, 2023 |
| Risk |
|
| Coverage | FortiClient |
| OS | Windows |
| Vendor | WinSCP |
| Patch | manual |
| Application | WinSCP |