Description
`hftp` is a static http or ftp server `hftp` is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Remediation
References
https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/hftp
https://nodesecurity.io/advisories/384
Related Vulnerabilities
CVE-2021-32828 Vulnerability in maven package org.nuxeo.ecm.platform:nuxeo-platform-oauth
CVE-2021-41193 Vulnerability in maven package com.wire:avs
CVE-2019-16869 Vulnerability in maven package io.netty:netty
CVE-2022-41936 Vulnerability in maven package org.xwiki.platform:xwiki-platform-rest-server
CVE-2022-22965 Vulnerability in maven package org.springframework.boot:spring-boot-starter-webflux