An issue in Pablo FTP Service may make it possible for remote users to perform unauthorized actions.
It has been reported that Pablo FTP Service does not sufficiently restrict the anonymous user account, which is active by default. Because of this, a default configuration may provide a conduit for the disclosure of potentially sensitive information.
An attacker may exploit this vulnerability to access arbitrary files on the underlying system and potentially disclose sensitive information.
It should be noted that while this vulnerability has been reported to affect Pablo FTP service version 1.2, other versions might also be affected.