CVE-2010-3867
CVE-2010-3867 is a high-severity vulnerability in Proftpd with a CVSS 2.0 base score of 7.1. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-22.
Key facts
- Severity: High (CVSS 2.0 base score 7.1)
- EPSS exploit prediction: 8% (94th percentile)
- Actively exploited: Not listed in CISA KEV
- Weakness: CWE-22
- Affected product: Proftpd
- Published:
- Last modified:
Description
Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.
Frequently asked questions
- What is CVE-2010-3867?
- Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.
- How severe is CVE-2010-3867?
- CVE-2010-3867 has a CVSS 2.0 base score of 7.1, rated high severity.
- Is CVE-2010-3867 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 8% (94th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2010-3867?
- CVE-2010-3867 primarily affects Proftpd. In total, 32 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2010-3867?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its high severity, prioritise patching exposed systems.
- When was CVE-2010-3867 published?
- CVE-2010-3867 was published on 2010-11-09 and last updated on 2026-06-16.
References
- http://bugs.proftpd.org/show_bug.cgi?id=3519
- http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050687.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050703.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050726.html
- http://secunia.com/advisories/42047
- http://secunia.com/advisories/42052
- http://secunia.com/advisories/42217
- http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.498209
- http://www.debian.org/security/2011/dsa-2191
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:227
- http://www.openwall.com/lists/oss-security/2010/11/01/4
- http://www.proftpd.org/docs/NEWS-1.3.3c
- http://www.securityfocus.com/bid/44562
- http://www.vupen.com/english/advisories/2010/2853
- http://www.vupen.com/english/advisories/2010/2941
- http://www.vupen.com/english/advisories/2010/2959
- http://www.vupen.com/english/advisories/2010/2962
Affected products (32)
- cpe:2.3:a:proftpd:proftpd:1.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.2.10:rc1:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.2.10:rc2:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.2.10:rc3:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.0:a:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.0:rc4:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.0:rc5:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.1:rc2:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.1:rc3:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:a:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:b:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:c:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:d:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:e:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:rc2:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:rc3:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:rc4:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.3:a:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.3:b:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.3:rc1:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.3:rc2:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.3:rc3:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.3:rc4:*:*:*:*:*:*
More vulnerabilities in Proftpd
- CVE-2015-3306 — Critical (CVSS 10.0): The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and…
- CVE-2010-4221 — Critical (CVSS 10.0): Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow…
- CVE-2010-20103 — Critical (CVSS 9.8): A malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed between November 28 and…
- CVE-2019-12815 — Critical (CVSS 9.8): An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and…
- CVE-2011-4130 — Critical (CVSS 9.0): Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute…
- CVE-2020-9273 — High (CVSS 8.8): In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a…
Other CWE-22 (Path Traversal) vulnerabilities
- CVE-2026-48282 — Critical (CVSS 10.0): ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted…
- CVE-2026-54917 — Critical (CVSS 10.0): SeaweedFS is a distributed storage system for object storage (S3), file systems, and Iceberg tables. Prior to 4.30, the…
- CVE-2026-11429 — Critical (CVSS 10.0): Two endpoints in the Vault Service ScriptsController, shared by Altium Enterprise Server and Altium 365, accept file…
- CVE-2026-34909 — Critical (CVSS 10.0): A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to…
- CVE-2026-7411 — Critical (CVSS 10.0): In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, inadequate path normalization in the Submodel…
- CVE-2026-36767 — Critical (CVSS 10.0): A path traversal vulnerability in the /content/images/add endpoint of shopizer v3.2.5 allows attackers write arbitrary…