CVE-2019-19669 in Rumpus FTP

Summary

by MITRE

A CSRF vulnerability exists in the Upload Center Forms Component of Web File Manager in Rumpus FTP 8.2.9.1. This could allow an attacker to delete, create, and update the upload forms via RAPR/TriggerServerFunction.html.


Analysis

by VulDB Data Team • 05/11/2025

CVE-2019-19669 is a cross-site request forgery (CSRF) flaw in the Upload Center Forms Component of the Web File Manager in Rumpus FTP 8.2.9.1. The affected endpoint is RAPR/TriggerServerFunction.html, which handles the operations that create, update and delete upload forms. The root cause is that this endpoint accepts state-changing requests on the strength of the browser's session cookie alone: nothing in the request proves that it was initiated by one of the application's own pages rather than by a third-party site that a logged-in user happened to visit. Users of a file transfer service reasonably expect upload forms and their configuration to change only through deliberate administrative action, which is exactly the expectation this flaw breaks.

Exploitation follows the usual CSRF pattern. The attacker hosts a page containing a form or script that submits a request to RAPR/TriggerServerFunction.html on the victim's Rumpus server, then lures a user who is logged into the Web File Manager into loading that page. The browser attaches the victim's session cookie automatically, so the server processes the request as though the user had submitted it. According to the advisory, this allows upload forms to be created, updated and deleted without the user's intent. The attacker needs no credentials of their own, only a victim with an active session, and the actions available are bounded by what that victim is allowed to do in the Web File Manager.

For organizations running Rumpus FTP, the practical consequences are loss or corruption of upload-form configuration (forms deleted or altered, disrupting anyone who relies on them) and the creation of attacker-controlled upload forms, which could be used to collect files from people who trust the server. The flaw does not bypass authentication; it abuses an already authenticated session, so the blast radius depends on which accounts can manage upload forms and on whether those users browse other sites while logged in. The advisory describes form management only, and no further impact should be assumed from it.

The weakness is CWE-352 (Cross-Site Request Forgery). The fix belongs on the server: RAPR/TriggerServerFunction.html, and any other state-changing operation in the Web File Manager, should require a secret that a cross-site page cannot obtain. The standard approach is a synchronizer token that is generated per session, embedded in the application's own forms, and compared in constant time on every state-changing request; a request without a valid token is rejected even when it carries a valid session cookie. Complementary controls are checking the Origin header (with Referer only as a fallback, since some clients and proxies strip it) against the server's own host, and marking the session cookie SameSite=Lax or Strict so browsers do not attach it to cross-site POSTs. Two things are not mitigations: requiring authentication, because CSRF works precisely because the victim is already authenticated, and generic input validation, because the forged request is well-formed. Restricting which accounts may manage upload forms and not staying logged into the Web File Manager while browsing other sites limit the exposure until a fixed build is in place.
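To make the difference concrete, the following Python is an added example written for this page; it is not Rumpus code and does not reproduce the real endpoint's parameters. It places a handler that checks only the session cookie (the CWE-352 pattern described above) beside a hardened handler that adds an Origin allow-list and a per-session synchronizer token, and runs both against a constructed cross-site request. The endpoint path is taken from the advisory; the request fields (action, form_name, csrf_token), the session store, the sample form names and the hostname ftp.example.com are assumptions made for illustration.

```python
"""Synchronizer-token and Origin checks for a state-changing endpoint.

Added example for this page, not Rumpus code. The path
RAPR/TriggerServerFunction.html comes from the advisory; the request
fields, session store, form names and ftp.example.com are assumed.
"""
import hmac
import secrets
from dataclasses import dataclass, field

TRUSTED_ORIGINS = {"https://ftp.example.com"}  # assumed deployment hostname


@dataclass
class Request:
    method: str
    path: str
    headers: dict
    cookies: dict
    form: dict


@dataclass
class Session:
    user: str
    # Token issued once per session; only the application's own pages see it.
    csrf_token: str = field(default_factory=lambda: secrets.token_urlsafe(32))


# Constructed sample state: one logged-in administrator and three upload forms.
SESSIONS = {"sid-1234": Session(user="admin")}
UPLOAD_FORMS = {}


def reset_state():
    """Restore the constructed set of upload forms."""
    UPLOAD_FORMS.clear()
    UPLOAD_FORMS.update({"Invoices": {}, "Resumes": {}, "Support": {}})


def _authenticated(req):
    return SESSIONS.get(req.cookies.get("session"))


def _apply(req):
    """Perform the form-management action; both dispatchers share this."""
    action, name = req.form.get("action"), req.form.get("form_name")
    if action == "delete":
        UPLOAD_FORMS.pop(name, None)
    elif action == "create":
        UPLOAD_FORMS[name] = {}
    elif action == "update":
        UPLOAD_FORMS[name] = {"updated": True}
    else:
        return 400, "unknown action"
    return 200, "ok"


def vulnerable_dispatch(req):
    """CWE-352 pattern: the session cookie is the only check.

    The browser attaches that cookie to a POST launched from an attacker's
    page, so a forged request is indistinguishable from a real one here.
    """
    if req.method != "POST" or not _authenticated(req):
        return 403, "not authenticated"
    return _apply(req)


def hardened_dispatch(req):
    """Same action, guarded by an Origin allow-list and a per-session token."""
    session = _authenticated(req)
    if req.method != "POST" or session is None:
        return 403, "not authenticated"
    # Browsers send Origin on cross-site POSTs; anything that is not this
    # deployment (including a missing header) is rejected.
    if req.headers.get("Origin") not in TRUSTED_ORIGINS:
        return 403, "bad origin"
    # Synchronizer token: echoed from the form body, compared in constant
    # time. A cross-site page cannot read it because the same-origin policy
    # hides this server's responses from it.
    sent = req.form.get("csrf_token", "")
    if not hmac.compare_digest(sent, session.csrf_token):
        return 403, "bad csrf token"
    return _apply(req)


def forged_request():
    """What the victim's browser sends after loading the attacker's page."""
    return Request(
        method="POST", path="/RAPR/TriggerServerFunction.html",
        headers={"Origin": "https://attacker.example"},
        cookies={"session": "sid-1234"},  # attached automatically by the browser
        form={"action": "delete", "form_name": "Invoices"},
    )


def legitimate_request():
    """A submission from the application's own page, token included."""
    return Request(
        method="POST", path="/RAPR/TriggerServerFunction.html",
        headers={"Origin": "https://ftp.example.com"},
        cookies={"session": "sid-1234"},
        form={"action": "delete", "form_name": "Invoices",
              "csrf_token": SESSIONS["sid-1234"].csrf_token},
    )


if __name__ == "__main__":
    reset_state()
    print(vulnerable_dispatch(forged_request()), sorted(UPLOAD_FORMS))
    reset_state()
    print(hardened_dispatch(forged_request()), sorted(UPLOAD_FORMS))
    print(hardened_dispatch(legitimate_request()), sorted(UPLOAD_FORMS))
```

Run as a script, the first line shows the forged delete succeeding against the vulnerable handler, the second shows the hardened handler refusing it on the Origin check, and the third shows the same delete succeeding when it carries the session's token from the application's own page. In a real deployment the token check is the primary control and the Origin check is defence in depth; setting SameSite on the session cookie adds a third layer that needs no server-side code at all.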
