CVE-2018-20684 – In WinSCP before 5.14 beta, due to missing validation, the scp implementation would accept …

Vuln ID: CVE-2018-20684

Published:  2019-01-10  21:29:00Z

Description: In WinSCP before 5.14 beta, due to missing validation, the scp implementation would accept arbitrary files sent by the server, potentially overwriting unrelated files. This affects TSCPFileSystem::SCPSink in core/ScpFileSystem.cpp.

Source: NVD.NIST.GOV

 

Tags