Root FTP Software Allows Unauthorized Access on Certain Systems

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Root FTP Software Allows Unauthorized Access on Certain Systems

ROOT-APP-NPM-GHSA-6v7q-wjvx-w8wg

Summary

The Root FTP software has a security issue that could allow an attacker to gain unauthorized access to certain systems. This issue has been fixed by Root in a recent update, and users should update their software to a patched version to prevent potential security risks. Users should check for and apply the latest update to ensure their system remains secure.

What to do

Update rootio @rootio/basic-ftp to version 5.0.3-root.io.2.

Affected software

Ecosystem	Vendor	Product	Affected versions
Root:npm	rootio	@rootio/basic-ftp	< 5.0.3-root.io.2 Fix: upgrade to 5.0.3-root.io.2

Original title

GHSA-6v7q-wjvx-w8wg in @rootio/basic-ftp - Patched by Root

Original description

Root has patched GHSA-6v7q-wjvx-w8wg in the @rootio/basic-ftp package for Root:npm. Multiple fixed versions available.

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026