Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
coreftp vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2014-1443
Core FTP Server 1.2 before build 515 allows remote authenticated users to obtain sensitive information (password for the previous user) via a USER command with a specific length, possibly related to an out-of-bounds read.
Coreftp Core Ftp 1.2
2.1
CVSSv2
CVE-2020-21588
Buffer overflow in Core FTP LE v2.2 allows local malicious users to cause a denial or service (crash) via a long string in the Setup->Users->Username editbox.
Coreftp Core Ftp 2.2
5
CVSSv2
CVE-2014-4643
Multiple heap-based buffer overflows in the client in Core FTP LE 2.2 build 1798 allow remote FTP servers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in a reply to a (1) USER, (2) PASS, (3) PASV, (4) SYST, (5) PWD, or (6)...
Coreftp Core Ftp 2.2
1 EDB exploit
5
CVSSv2
CVE-2020-19595
Buffer overflow vulnerability in Core FTP Server v2 Build 697, via a crafted username.
Coreftp Core Ftp 2.0
7.5
CVSSv2
CVE-2020-19596
Buffer overflow vulnerability in Core FTP Server v1.2 Build 583, via a crafted username.
Coreftp Core Ftp 1.2
5
CVSSv2
CVE-2019-9648
An issue exists in the SFTP Server component in Core FTP 2.0 Build 674. A directory traversal vulnerability exists using the SIZE command along with a \..\..\ substring, allowing an malicious user to enumerate file existence based on the returned information.
Coreftp Core Ftp 2.0
1 EDB exploit
5
CVSSv2
CVE-2019-9649
An issue exists in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a directory traversal technique (..\..\) to browse outside the root directory to determine the existence of a file on the operating system, and its last m...
Coreftp Core Ftp 2.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2