4D WebStar Symbolic Link Vulnerability

Summary
The remote server is running 4D WebStar FTP Server. 4D WebStar is reportedly vulnerable to a local symbolic link vulnerability. This issue is due to a design error that causes the application to open files without properly verifying their existence or their absolute location. Successful exploitation of this issue will allow an attacker to write to arbitrary files writable by the affected application, facilitating privilege escalation.
Solution
Upgrade to 4D WebStar 5.3.3 or later.
References