Every CVE whose affected-product data names Melag Ftp Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2021-41635 — CVSS 8.8 (high): When installed as Windows service MELAG FTP Server 2.2.0.4 is run as SYSTEM user, which grants remote attackers to abuse misconfigurations…
CVE-2021-41638 — CVSS 7.5 (high): The authentication checks of the MELAG FTP Server in version 2.2.0.4 are incomplete, which allows a remote attacker to access local files…
CVE-2021-41637 — CVSS 7.1 (high): Weak access control permissions in MELAG FTP Server 2.2.0.4 allow the "Everyone" group to read the local FTP configuration file, which…
CVE-2021-41636 — CVSS 6.5 (medium): MELAG FTP Server 2.2.0.4 allows an attacker to use the CWD command to break out of the FTP servers root directory and operate on the entire…