A flaw in ProFTPD file transfer protocol (FTP) server can be exploited to copy files to vulnerable servers and potentially execute arbitrary code. The vulnerability, tracked as CVE-2019-12815, resides in the mod_copy module that implements commands for copying files and folders on the same server without the necessity to first transfer the data to the client. A patch addressing the flaw is already available, it was backported to version 1.3.6, but it has yet to be included in a new release.”]
Source: https://securityaffairs.co/wordpress/88811/hacking/proftpd-flaw.html