CVE-2019-9649

An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a directory traversal technique (….) to browse outside the root directory to determine the existence of a file on the operating system, and its last modified date.
Source: NIST
CVE-2019-9649