CVE-2019-19667 in FTP Server
Summary
by MITRE
A CSRF vulnerability exists in the Block Clients component of Web File Manager in Rumpus FTP 8.2.9.1 that could allow an attacker to whitelist or block any IP address via RAPR/BlockedClients.html.
Analysis
by VulDB Data Team • 05/11/2025
The vulnerability identified as CVE-2019-19667 represents a critical cross-site request forgery flaw within the Rumpus FTP 8.2.9.1 web file manager interface. This issue specifically affects the Block Clients component, which is designed to manage network access controls by allowing administrators to whitelist or block specific IP addresses. The vulnerability stems from the absence of proper anti-CSRF protections in the RAPR/BlockedClients.html endpoint, which processes requests to modify client access controls. Attackers can exploit this weakness by tricking authenticated users into visiting a malicious website or clicking on a crafted link that automatically submits requests to the vulnerable endpoint.
The technical nature of this flaw aligns with CWE-352, which categorizes cross-site request forgery vulnerabilities as weaknesses that occur when a web application fails to validate the origin of requests. In this case, the Rumpus FTP web interface does not implement sufficient CSRF tokens or other validation mechanisms to ensure that requests to modify client access controls originate from legitimate administrative sessions. The vulnerability allows an attacker to perform unauthorized modifications to the system's access control lists, potentially enabling them to whitelist malicious IP addresses or block legitimate users from accessing the FTP service.
The operational impact of this vulnerability is significant as it provides attackers with the ability to manipulate network access controls without proper authorization. An attacker who successfully exploits this CSRF vulnerability could gain persistent access to the FTP server by whitelisting their own IP address or by blocking legitimate administrators from accessing the system. This creates a persistent backdoor that could remain undetected for extended periods, allowing the attacker to maintain control over the FTP service and potentially access or modify sensitive files stored on the server. The attack requires minimal technical expertise and can be executed through social engineering techniques, making it particularly dangerous in environments where users might be tricked into visiting malicious websites.
Mitigation strategies for this vulnerability should include implementing proper CSRF protection mechanisms such as anti-CSRF tokens that are generated per session and validated on each request that modifies client access controls. The web application should also enforce strict origin validation and implement proper session management controls to ensure that requests to administrative endpoints can only be initiated from the legitimate administrative interface. Organizations should apply the vendor-provided security patches or upgrade to a newer version of Rumpus FTP that addresses this vulnerability. Additionally, network segmentation and access control measures should be implemented to limit the potential impact of successful exploitation, and monitoring systems should be configured to detect unauthorized changes to access control lists. This vulnerability demonstrates the importance of implementing comprehensive security controls in web-based administrative interfaces and aligns with ATT&CK technique T1078, which covers valid accounts and privilege escalation through unauthorized access to administrative functions.
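The per-session token and origin validation described above, as an added example that is not Rumpus's own code and does not reproduce its interface. It models a "block client" handler twice: once in the weakness pattern the analysis describes (a session cookie alone authorizes the ACL change) and once hardened. The origin `https://ftp-admin.example.internal`, the request and session classes, and the in-memory stores are constructed placeholders, and the audit log stands in for whatever a monitoring system would ingest to detect unauthorized ACL changes.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from urllib.parse import urlsplit

# Constructed placeholder: the only origin the admin UI is served from.
# The real deployment origin is not on the page.
ALLOWED_ORIGINS = {"https://ftp-admin.example.internal"}


@dataclass
class Request:
    """Minimal stand-in for an HTTP request to the admin endpoint."""
    method: str
    headers: dict
    cookies: dict
    form: dict


@dataclass
class Session:
    user: str
    # One random token per session, embedded in the admin form and checked on
    # every state-changing request. A page on another origin cannot read it.
    csrf_token: str = field(default_factory=lambda: secrets.token_urlsafe(32))


SESSIONS: dict = {}            # session cookie value -> Session (in-memory stand-in)
BLOCKED_CLIENTS: set = set()   # the access-control list the endpoint manipulates
AUDIT_LOG: list = []           # (event, user, detail) records for monitoring


def login(user: str) -> str:
    """Create a session and return the cookie value the browser would store."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = Session(user=user)
    return sid


def csrf_token_for(sid: str) -> str:
    """Token the server embeds in the legitimate 'Block Clients' form."""
    return SESSIONS[sid].csrf_token


def request_origin(req: Request):
    """Scheme and host of the page that issued the request (Origin, else Referer)."""
    origin = req.headers.get("Origin")
    if origin:
        return origin
    referer = req.headers.get("Referer")
    if referer:
        parts = urlsplit(referer)
        return f"{parts.scheme}://{parts.netloc}"
    return None  # neither header present: treated as untrusted below


def vulnerable_block_client(req: Request):
    """Weakness pattern: the session cookie alone authorizes the ACL change.
    Browsers attach that cookie to cross-site form posts automatically."""
    session = SESSIONS.get(req.cookies.get("session"))
    if session is None:
        return 401, "not authenticated"
    ip = req.form.get("ip")
    BLOCKED_CLIENTS.add(ip)
    return 200, f"blocked {ip}"


def hardened_block_client(req: Request):
    """Same endpoint with origin validation and a per-session token, failing closed."""
    session = SESSIONS.get(req.cookies.get("session"))
    if session is None:
        return 401, "not authenticated"
    if req.method != "POST":
        return 405, "state changes must be POST"  # a plain link cannot modify the ACL
    origin = request_origin(req)
    if origin not in ALLOWED_ORIGINS:
        AUDIT_LOG.append(("rejected-origin", session.user, origin))
        return 403, "cross-origin request refused"
    # Constant-time comparison; a missing token compares as the empty string.
    supplied = req.form.get("csrf_token", "").encode()
    if not hmac.compare_digest(supplied, session.csrf_token.encode()):
        AUDIT_LOG.append(("rejected-token", session.user, origin))
        return 403, "missing or invalid CSRF token"
    ip = req.form.get("ip")
    BLOCKED_CLIENTS.add(ip)
    AUDIT_LOG.append(("blocked", session.user, ip))
    return 200, f"blocked {ip}"
```

The origin check runs before the token check so that a cross-site submission is logged as such even when it carries no token; both rejections land in the audit log, which is the signal the analysis asks monitoring to watch for. Browsers send `Origin` on cross-site form posts, so rejecting requests with no recognizable origin is the safe default for a state-changing administrative endpoint.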