CVE-2016-5725: Path Traversal

Published Sep 14, 2016
·
Updated

Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ (dot dot backslash) in a response to a recursive GET command.

Other sources

JSch could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to the implementation for recursive sftp-get containing "dot dot" sequences (/../) to download the malicious files outside the client download base directory.

IBM

The following flaw was found in jsch:

A malicious sftp server may force a client-side relative path traversal in jsch's implementation for recursive sftp-get allowing the server to write files outside the clients download basedir with effective permissions of the jsch sftp client process.

Red Hat

Affected Software

5 affected componentsFixes available
redhat/jsch<0.1.54
0.1.54
JCraft jsch<=0.1.53
Microsoft Windows
All of the following
JCraft jsch<=0.1.53
Microsoft Windows

Event History

Sep 14, 2016
Data Sourced
via Red Hat·09:47 AM
DescriptionSeverityAffected Software
Jan 19, 2017
CVE Published
via MITRE·10:00 PM
Data Sourced
via MITRE·10:00 PM
Description
Data Sourced
via NVD·10:59 PM
DescriptionSeverityWeaknessAffected Software
Aug 4, 2024
Data Sourced
via IBM·07:40 PM
DescriptionSeverityAffected Software

Parent advisories

This vulnerability appears in the following advisories.

Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is the severity of CVE-2016-5725?

CVE-2016-5725 is considered a medium severity vulnerability as it allows directory traversal leading to unauthorized file access.

2

How do I fix CVE-2016-5725?

To fix CVE-2016-5725, update JSch to a version later than 0.1.53 where the vulnerability has been addressed.

3

What types of attacks can CVE-2016-5725 be used for?

CVE-2016-5725 can be exploited by attackers to download sensitive files from outside the intended directory using crafted SFTP requests.

4

Which versions of JSch are affected by CVE-2016-5725?

All versions of JSch up to and including 0.1.53 are affected by CVE-2016-5725.

5

Is CVE-2016-5725 specific to any operating system?

No, CVE-2016-5725 affects the JCraft JSch library and is not limited to any specific operating system.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203
CVE-2016-5725 - Path Traversal - SecAlerts