So I was interested on understaning the Concept of Attacks that the module uses to analysis vulnerabilities.
In the FTP modules analyses the CVE-2022-22836 and for the
Privileges section it says the following:
Since all restrictions were bypassed during the directory traversal vulnerability, the service approves writing the contents to the specified file.
It doesn’t specify it anywere but what I understand is that during all the attack the privileges should correlate directly on which privileges is the FTP server running.
I’m not sure if this is correct or maybe I’m missing something.
Thanks and happy new year everyone!