Rather than using the IP provided by the server in the response to PASV, use the IP of the server we are connected to. This is more secure since we won't connect to an arbitrary endpoint provided by the server. It also works better when the server is behind a NAT and not configured properly to provide its public IP in PASV responses.
Rather than using the IP provided by the server in the response to PASV, use the IP of the server we are connected to. This is more secure since we won't connect to an arbitrary endpoint provided by the server. It also works better when the server is behind a NAT and not configured properly to provide its public IP in PASV responses.
See also: https://github.com/advisories/GHSA-69rc-qfx4-h683