Vulnerabilities > CVE-2020-14056 - Server-Side Request Forgery (SSRF) vulnerability in Monstaftp Monsta FTP
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Monsta FTP 2.10.1 or below is prone to a server-side request forgery vulnerability due to insufficient restriction of the web fetch functionality. This allows attackers to read arbitrary local files and interact with arbitrary third-party services.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 10 |