Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tftp tftp vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-12568
Stack-based overflow vulnerability in the logMess function in Open TFTP Server SP 1.66 and previous versions allows remote malicious users to perform a denial of service or execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2018-10387 and CVE-...
Open Tftp Server Project Open Tftp Server
7.8
CVSSv3
CVE-2020-26130
Issues were discovered in Open TFTP Server multithreaded 1.66 and Open TFTP Server single port 1.66. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenTFTPServerMT.exe or the OpenTFTPServerSP.exe...
Open Tftp Server Project Open Tftp Server 1.66
NA
CVE-2002-2396
Buffer overflow in Advanced TFTP (atftp) 0.5 and 0.6, if installed setuid or setgid, may allow local users to execute arbitrary code via a long argument to the -g option.
Remi Lefebvre Advanced Tftp 0.6
Remi Lefebvre Advanced Tftp 0.5
NA
CVE-2009-0288
Directory traversal vulnerability in k23productions TFTPUtil GUI 1.2.0 and 1.3.0 allows remote malicious users to read arbitrary files outside the TFTP root directory via directory traversal sequences in a GET request.
Windows Tftp Utility Tftputil 1.3.0
Windows Tftp Utility Tftputil 1.2.0
NA
CVE-2009-0289
k23productions TFTPUtil GUI 1.2.0 and 1.3.0 allows remote malicious users to cause a denial of service (service crash) via a long filename in a crafted request.
Windows Tftp Utility Tftputil 1.3.0
Windows Tftp Utility Tftputil 1.2.0
NA
CVE-2006-1952
Directory traversal vulnerability in WinAgents TFTP Server for Windows 3.1 and previous versions allows remote malicious users to read arbitrary files via "..." (triple dot) sequences in a GET request.
Winagents Tftp Server
8.8
CVSSv3
CVE-2023-29930
An issue was found in Genesys CIC Polycom phone provisioning TFTP Server all version allows a remote malicious user to execute arbitrary code via the login crednetials to the TFTP server configuration page.
Genesys Tftp Server
1 Github repository
NA
CVE-2006-6184
Multiple stack-based buffer overflows in Allied Telesyn TFTP Server (AT-TFTP) 1.9, and possibly earlier, allow remote malicious users to cause a denial of service (crash) or execute arbitrary code via a long filename in a (1) GET or (2) PUT command.
Alliedtelesyn At-tftp
4 EDB exploits
2 Github repositories
NA
CVE-2001-0783
Cisco TFTP server 1.1 allows remote malicious users to read arbitrary files via a ..(dot dot) attack in the GET command.
Cisco Tftp Server 1.1
NA
CVE-2010-1174
Cisco TFTP Server 1.1 allows remote malicious users to cause a denial of service (daemon crash) via a crafted (1) read (aka RRQ) or (2) write (aka WRQ) request, or other TFTP packet. NOTE: some of these details are obtained from third party information.
Cisco Tftp Server 1.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »