CVE-2023-42657

In WS_FTP Server version 8.7.0 prior to 8.7.4 and

version 8.8.0 prior to 8.8.2, a directory traversal vulnerability was discovered.  An attacker could leverage this vulnerability to perform file operations (delete, rename, rmdir, mkdir) on files and folders outside of their authorized WS_FTP folder path.  Attackers could also escape the context of the WS_FTP Server file structure and perform the same level of operations (delete, rename, rmdir, mkdir) on file and folder locations on the underlying operating system.

Source: CVE-2023-42657