CVE-2012-6339
NONE EPSS 64.0%
Published Dec 31, 201213y ago · Modified Jun 16, 20262w ago
Published Dec 31, 2012 13y ago
Last Modified Jun 16, 2026 2w ago
Description
Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cerberus FTP Server before 5.0.6.0 allow (1) remote attackers to inject arbitrary web script or HTML via a log entry that is not properly handled within the Log Manager component, and might allow (2) remote authenticated administrators to inject arbitrary web script or HTML via a Messages field to the servermanager program.
Threat Intelligence
EPSS Exploit Probability
64.0% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available
Weaknesses 1
CWE-79 Cross-site Scripting Injection
Affected Products 132
| Vendor | Product | Version | Range |
|---|---|---|---|
| cerberusftp | ftp_server | * | ≤5.0.5.1 |
| cerberusftp | ftp_server | 1.0 | any |
| cerberusftp | ftp_server | 1.01 | any |
| cerberusftp | ftp_server | 1.1 | any |
| cerberusftp | ftp_server | 1.2 | any |
| cerberusftp | ftp_server | 1.02 | any |
| cerberusftp | ftp_server | 1.03 | any |
| cerberusftp | ftp_server | 1.5 | any |
| cerberusftp | ftp_server | 1.05 | any |
| cerberusftp | ftp_server | 1.6 | any |
| cerberusftp | ftp_server | 1.7 | any |
| cerberusftp | ftp_server | 1.22 | any |
| cerberusftp | ftp_server | 1.71 | any |
| cerberusftp | ftp_server | 2.0 | any |
| cerberusftp | ftp_server | 2.0 | any |
| cerberusftp | ftp_server | 2.0 | any |
| cerberusftp | ftp_server | 2.0 | any |
| cerberusftp | ftp_server | 2.0 | any |
| cerberusftp | ftp_server | 2.1 | any |
| cerberusftp | ftp_server | 2.01 | any |
| cerberusftp | ftp_server | 2.02 | any |
| cerberusftp | ftp_server | 2.2 | any |
| cerberusftp | ftp_server | 2.02 | any |
| cerberusftp | ftp_server | 2.2 | any |
| cerberusftp | ftp_server | 2.2 | any |
| cerberusftp | ftp_server | 2.2 | any |
| cerberusftp | ftp_server | 2.3 | any |
| cerberusftp | ftp_server | 2.4 | any |
| cerberusftp | ftp_server | 2.4 | any |
| cerberusftp | ftp_server | 2.4 | any |
| cerberusftp | ftp_server | 2.4 | any |
| cerberusftp | ftp_server | 2.11 | any |
| cerberusftp | ftp_server | 2.11 | any |
| cerberusftp | ftp_server | 2.11 | any |
| cerberusftp | ftp_server | 2.15 | any |
| cerberusftp | ftp_server | 2.15 | any |
| cerberusftp | ftp_server | 2.16 | any |
| cerberusftp | ftp_server | 2.21 | any |
| cerberusftp | ftp_server | 2.22 | any |
| cerberusftp | ftp_server | 2.23 | any |
| cerberusftp | ftp_server | 2.31 | any |
| cerberusftp | ftp_server | 2.32 | any |
| cerberusftp | ftp_server | 2.41 | any |
| cerberusftp | ftp_server | 2.42 | any |
| cerberusftp | ftp_server | 2.43 | any |
| cerberusftp | ftp_server | 2.44 | any |
| cerberusftp | ftp_server | 2.45 | any |
| cerberusftp | ftp_server | 2.46 | any |
| cerberusftp | ftp_server | 2.47 | any |
| cerberusftp | ftp_server | 2.48 | any |
| cerberusftp | ftp_server | 2.49 | any |
| cerberusftp | ftp_server | 2.50 | any |
| cerberusftp | ftp_server | 3.0 | any |
| cerberusftp | ftp_server | 3.0.1 | any |
| cerberusftp | ftp_server | 3.0.2 | any |
| cerberusftp | ftp_server | 3.0.3 | any |
| cerberusftp | ftp_server | 3.0.4 | any |
| cerberusftp | ftp_server | 3.0.5 | any |
| cerberusftp | ftp_server | 3.0.6 | any |
| cerberusftp | ftp_server | 3.0.7 | any |
| cerberusftp | ftp_server | 3.0.7.1 | any |
| cerberusftp | ftp_server | 3.0.8 | any |
| cerberusftp | ftp_server | 3.1 | any |
| cerberusftp | ftp_server | 3.1.0.3 | any |
| cerberusftp | ftp_server | 3.1.0.4 | any |
| cerberusftp | ftp_server | 3.1.0.5 | any |
| cerberusftp | ftp_server | 3.1.1 | any |
| cerberusftp | ftp_server | 3.1.2 | any |
| cerberusftp | ftp_server | 3.1.3 | any |
| cerberusftp | ftp_server | 3.1.3.1 | any |
| cerberusftp | ftp_server | 3.1.4 | any |
| cerberusftp | ftp_server | 4.0.0 | any |
| cerberusftp | ftp_server | 4.0.0.6 | any |
| cerberusftp | ftp_server | 4.0.0.8 | any |
| cerberusftp | ftp_server | 4.0.0.9 | any |
| cerberusftp | ftp_server | 4.0.0.11 | any |
| cerberusftp | ftp_server | 4.0.1 | any |
| cerberusftp | ftp_server | 4.0.1.1 | any |
| cerberusftp | ftp_server | 4.0.2 | any |
| cerberusftp | ftp_server | 4.0.2.2 | any |
| cerberusftp | ftp_server | 4.0.3.0 | any |
| cerberusftp | ftp_server | 4.0.3.1 | any |
| cerberusftp | ftp_server | 4.0.3.2 | any |
| cerberusftp | ftp_server | 4.0.3.3 | any |
| cerberusftp | ftp_server | 4.0.4.0 | any |
| cerberusftp | ftp_server | 4.0.4.1 | any |
| cerberusftp | ftp_server | 4.0.4.2 | any |
| cerberusftp | ftp_server | 4.0.4.3 | any |
| cerberusftp | ftp_server | 4.0.5 | any |
| cerberusftp | ftp_server | 4.0.5.2 | any |
| cerberusftp | ftp_server | 4.0.5.3 | any |
| cerberusftp | ftp_server | 4.0.5.4 | any |
| cerberusftp | ftp_server | 4.0.5.5 | any |
| cerberusftp | ftp_server | 4.0.6 | any |
| cerberusftp | ftp_server | 4.0.7 | any |
| cerberusftp | ftp_server | 4.0.7.2 | any |
| cerberusftp | ftp_server | 4.0.7.3 | any |
| cerberusftp | ftp_server | 4.0.7.5 | any |
| cerberusftp | ftp_server | 4.0.7.6 | any |
| cerberusftp | ftp_server | 4.0.8.0 | any |
| cerberusftp | ftp_server | 4.0.8.1 | any |
| cerberusftp | ftp_server | 4.0.8.3 | any |
| cerberusftp | ftp_server | 4.0.9.0 | any |
| cerberusftp | ftp_server | 4.0.9.1 | any |
| cerberusftp | ftp_server | 4.0.9.2 | any |
| cerberusftp | ftp_server | 4.0.9.3 | any |
| cerberusftp | ftp_server | 4.0.9.4 | any |
| cerberusftp | ftp_server | 4.0.9.5 | any |
| cerberusftp | ftp_server | 4.0.9.6 | any |
| cerberusftp | ftp_server | 4.0.9.7 | any |
| cerberusftp | ftp_server | 4.0.9.8 | any |
| cerberusftp | ftp_server | 4.0.10.0 | any |
| cerberusftp | ftp_server | 4.0.11.0 | any |
| cerberusftp | ftp_server | 5.0.0.0 | any |
| cerberusftp | ftp_server | 5.0.0.1 | any |
| cerberusftp | ftp_server | 5.0.0.2 | any |
| cerberusftp | ftp_server | 5.0.0.3 | any |
| cerberusftp | ftp_server | 5.0.0.4 | any |
| cerberusftp | ftp_server | 5.0.0.5 | any |
| cerberusftp | ftp_server | 5.0.0.6 | any |
| cerberusftp | ftp_server | 5.0.0.7 | any |
| cerberusftp | ftp_server | 5.0.1.0 | any |
| cerberusftp | ftp_server | 5.0.1.1 | any |
| cerberusftp | ftp_server | 5.0.1.2 | any |
| cerberusftp | ftp_server | 5.0.2.0 | any |
| cerberusftp | ftp_server | 5.0.3.0 | any |
| cerberusftp | ftp_server | 5.0.3.1 | any |
| cerberusftp | ftp_server | 5.0.4.0 | any |
| cerberusftp | ftp_server | 5.0.4.1 | any |
| cerberusftp | ftp_server | 5.0.4.2 | any |
| cerberusftp | ftp_server | 5.0.4.3 | any |
| cerberusftp | ftp_server | 5.0.5.0 | any |
References 3
- archives.neohapsis.com http://archives.neohapsis.com/archives/bugtraq/2012-12/0118.html
- sadgeeksinsnow.blogspot.com http://sadgeeksinsnow.blogspot.com/2012/12/persistence-is-key-another-bug-hunt.html
- cerberusftp.com http://www.cerberusftp.com/products/releasenotes.html
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.