FileZilla Server 0.9.60 beta was released around and has since been superseded by the completely rewritten v1.x branch. Running this version in a modern environment is considered high-risk due to several factors:
Ensure all users have complex, long passwords. Conclusion filezilla server 0960 beta exploit github link
If you can tell me (e.g., hosting public files, internal file sharing, or developer access), I can help you decide if upgrading to FileZilla 1.x or switching to a completely different service is best. FileZilla Server 0
The hosting the server (Windows Server, Linux, etc.) The hosting the server (Windows Server, Linux, etc
A detailed breakdown of exploiting this, including using SSH port forwarding to access the 127.0.0.1:14147 port, is described in Hacknetics' GitHub repo .
: A known vulnerability (CVE-2016-10142) in the FileZilla Client (rather than the server) allows for remote code execution if a user can be tricked into downloading a malicious binary into a specific directory.