CVE-2009-4645 in Secure File Transfer Appliance
Summary
by MITRE
Directory traversal vulnerability in web_client_user_guide.html in Accellion Secure File Transfer Appliance before 8_0_105 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter.
Analysis
by VulDB Data Team • 05/01/2026
The CVE-2009-4645 vulnerability represents a critical directory traversal flaw in the Accellion Secure File Transfer Appliance, specifically affecting versions prior to 8_0_105. This vulnerability exists within the web client user guide component and allows remote attackers to access arbitrary files on the underlying file system through manipulation of the lang parameter. The issue stems from inadequate input validation and sanitization mechanisms that fail to properly restrict file path traversal sequences, enabling malicious actors to navigate beyond the intended directory boundaries and potentially access sensitive system files, configuration data, or user information.
The technical exploitation of this vulnerability follows a classic directory traversal pattern: the attacker places traversal sequences such as .. in the lang parameter of the web_client_user_guide.html endpoint. Because the application uses the parameter as part of a file path without restricting it, the traversal segments are resolved and the resulting path escapes the intended web root directory. The vulnerability operates at the application layer and can be exploited without authentication, which makes it particularly dangerous, since it grants unauthorized read access to the underlying file system. This flaw maps directly to CWE-22 (Improper Limitation of a Pathname to a Restricted Directory), a fundamental weakness in input validation and path resolution.
The operational impact of this vulnerability extends beyond simple information disclosure, as it can potentially enable attackers to access critical system files, configuration databases, or user credentials stored on the appliance. In the context of a secure file transfer appliance, this represents a severe compromise of the system's security posture, as it could allow attackers to obtain sensitive data that should remain protected within the appliance's secure environment. The vulnerability also aligns with ATT&CK technique T1083 - File and Directory Discovery, as it enables adversaries to enumerate the file system structure and identify potentially sensitive files. Additionally, this weakness could facilitate further exploitation by allowing attackers to access system binaries or configuration files that might reveal additional attack vectors or system vulnerabilities.
Organizations using affected versions of the Accellion Secure File Transfer Appliance should prioritize immediate remediation by applying the vendor-provided security patches, i.e. upgrading to 8_0_105 or later. The mitigation strategy should include proper input validation for all user-supplied parameters that take part in file path resolution: validate such values against an allowlist of expected forms, and verify that the canonicalized path stays within the intended directory rather than relying only on stripping traversal sequences. Security measures should also encompass web application firewalls that filter traversal sequences (including URL-encoded forms) as a compensating control, proper access controls and least privilege for the web server process, and regular security assessments of web applications to identify similar vulnerabilities. Organizations should further conduct comprehensive vulnerability scans to identify any other potentially affected components within their network infrastructure and ensure that all security patches are applied promptly to prevent exploitation of this and similar directory traversal vulnerabilities.
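As an added illustration (not code from this page, from Accellion, or from VulDB), the unchecked path-join pattern behind CWE-22 is shown beside a hardened resolver for a lang-style parameter, together with a small log/WAF-side check for raw and URL-encoded traversal sequences. The guide directory layout and the language allowlist are constructed assumptions, not the appliance's real paths.

```python
import os
import re
from urllib.parse import unquote

# Constructed layout and allowlist for the example; not the appliance's real paths.
GUIDE_ROOT = "/var/www/guides"
ALLOWED_LANGS = {"en", "de", "fr", "ja"}
# Strict shape for a language tag: two lowercase letters, optional "-XX" region.
LANG_RE = re.compile(r"^[a-z]{2}(?:-[A-Z]{2})?$")


def vulnerable_guide_path(lang, root=GUIDE_ROOT):
    """The CWE-22 pattern: the parameter is joined straight into a path,
    so '..' segments in it walk out of the guide directory."""
    return os.path.normpath(os.path.join(root, lang, "web_client_user_guide.html"))


def is_within(root, candidate):
    """True only when the canonical form of candidate stays under root."""
    root = os.path.realpath(root)
    candidate = os.path.realpath(candidate)
    return os.path.commonpath([root, candidate]) == root


def safe_guide_path(lang, root=GUIDE_ROOT):
    """Hardened resolver: allowlist the value first, then confirm the
    canonical path as an independent boundary check. Returns None on reject."""
    if not LANG_RE.fullmatch(lang) or lang not in ALLOWED_LANGS:
        return None
    candidate = os.path.join(root, lang, "web_client_user_guide.html")
    if not is_within(root, candidate):
        return None
    return os.path.realpath(candidate)


def looks_like_traversal(raw_value, max_decodes=3):
    """Log/WAF-side check: repeatedly URL-decode (catches double encoding)
    and flag any '..' or path separator in a value that should be a plain tag."""
    value = raw_value
    for _ in range(max_decodes):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return ".." in value or "/" in value or "\\" in value


if __name__ == "__main__":
    for probe in ("en", "../../etc/appliance.conf", "%252e%252e%252fconf"):
        print(probe, "->", safe_guide_path(probe), "| flagged:", looks_like_traversal(probe))
```

The allowlist check alone would already reject the traversal input; the canonical-path check is kept as a second, independent boundary so a later change to the allowlist cannot silently reopen the hole.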