← CVECheck
HomeVulnerabilities

CVE-2001-1386 — HIGH severity vulnerability (WFTPD 3.00 allows remote attackers to read arbitrary files b)

WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypasses WFTPD's check for a ".lnk" extension.

CVE IDCVE-2001-1386
SeverityHIGH
CVSS score7.5
CVSS vectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWECWE-59
StatusModified
Published2001-07-01
Last modified2026-04-16
DescriptionWFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypasses WFTPD's check for a ".lnk" extension.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →