By kannthu
FileZilla is software that lets users transfer files between their local computer and a remote server. This module focuses on detecting vulnerabilities in FileZilla installations.
Severity: medium
Author: amsda
If a vulnerability is detected in Filezilla, it could potentially expose sensitive files and data to unauthorized access. This can lead to data breaches, unauthorized modifications, and other security risks.
This module works by sending HTTP requests to specific paths in the Filezilla installation. It looks for specific patterns and conditions to determine if a vulnerability exists.
Example HTTP request:
GET /filezilla.xml
The module uses the following matching conditions:
- The response body must contain the words "<FileZilla" and "<Servers>".
- The response headers must contain the word "xml".
- The response status code must be 200.
If all of these conditions are met, the module reports a vulnerability in the Filezilla installation.
Note: This module only detects vulnerabilities and does not perform any modifications or fixes.
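The three matching conditions above, evaluated against constructed responses to show why all of them must hold together. This is an added Python example, not the module's own code; the `Response` class, the function names, the sample data and the case-insensitive header comparison are assumptions.

```python
from dataclasses import dataclass, field

BODY_WORDS = ("<FileZilla", "<Servers>")  # both words must appear in the body
HEADER_WORD = "xml"                       # must appear somewhere in the headers
EXPECTED_STATUS = 200


@dataclass
class Response:
    status: int
    body: str
    headers: dict = field(default_factory=dict)


def evaluate(resp):
    """Return each condition's result and the combined (AND) verdict."""
    header_blob = "\n".join(f"{k}: {v}" for k, v in resp.headers.items())
    checks = {
        "body_words": all(word in resp.body for word in BODY_WORDS),
        # Assumption: header text is compared case-insensitively.
        "header_xml": HEADER_WORD in header_blob.lower(),
        "status_200": resp.status == EXPECTED_STATUS,
    }
    checks["match"] = all(checks.values())
    return checks


# Constructed sample responses (not captured from any real server).
SAMPLES = {
    "exposed_config": Response(
        200,
        '<?xml version="1.0"?><FileZilla3><Servers><Server>'
        "<Host>ftp.example.test</Host></Server></Servers></FileZilla3>",
        {"Content-Type": "application/xml"}),
    "soft_404_page": Response(
        200, "<html><body>Not found: /filezilla.xml</body></html>",
        {"Content-Type": "text/html"}),
    "plain_text_quote": Response(
        200, "Example config: <FileZilla3><Servers></Servers></FileZilla3>",
        {"Content-Type": "text/plain"}),
    "forbidden_xml": Response(
        403, "<Error><Code>AccessDenied</Code></Error>",
        {"Content-Type": "application/xml"}),
}


def run_samples():
    """Map each sample name to the overall match verdict."""
    return {name: evaluate(resp)["match"] for name, resp in SAMPLES.items()}


if __name__ == "__main__":
    for name, resp in SAMPLES.items():
        print(name, evaluate(resp))
```

Only the first sample satisfies all three conditions; the others each fail at least one, which is what keeps error pages and non-XML content from being reported.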