Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tftp-server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1610
Stack-based buffer overflow in TallSoft Quick TFTP Server Pro 2.1 allows remote malicious users to cause a denial of service or execute arbitrary code via a long mode field in a read or write request.
Tallsoft Quick Tftp Server Pro 2.1
3 EDB exploits
NA
CVE-2011-4720
Hillstone HS TFTP Server 1.3.2 allows remote malicious users to cause a denial of service (daemon crash) via a long filename in a (1) RRQ or (2) WRQ operation.
Hillstone Software Hs Tftp Server 1.3.2
1 EDB exploit
NA
CVE-2006-6184
Multiple stack-based buffer overflows in Allied Telesyn TFTP Server (AT-TFTP) 1.9, and possibly earlier, allow remote malicious users to cause a denial of service (crash) or execute arbitrary code via a long filename in a (1) GET or (2) PUT command.
Alliedtelesyn At-tftp
4 EDB exploits
2 Github repositories
NA
CVE-2008-6791
PumpKIN TFTP Server 2.7.2.0 allows remote malicious users to cause a denial of service via a write request with a long mode field.
Klever Pumpkin 2.7.2.0
1 EDB exploit
NA
CVE-2008-1403
Stack-based buffer overflow in the TFTP server in BootManage TFTPD 1.99 and previous versions in BootManage Administrator 7.1 and previous versions allows remote malicious users to execute arbitrary code via a request with a long filename.
Bootmanage Tftpd
Bootmanage Administrator
1 EDB exploit
6.5
CVSSv3
CVE-2022-21394
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is before 6.1.32. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox execu...
Oracle Vm Virtualbox
NA
CVE-2002-0813
Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote malicious users to cause a denial of service (reset) or modify configuration via a long filename.
Cisco Ios 11.3
Cisco Ios 11.2
Cisco Ios 11.1
1 EDB exploit
7.5
CVSSv3
CVE-2020-7211
tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows.
Libslirp Project Libslirp 4.1.0
Qemu Qemu 4.2.0
9.8
CVSSv3
CVE-2018-5777
An issue exists in Ipswitch WhatsUp Gold prior to 2017 Plus SP1 (17.1.1). Remote clients can take advantage of a misconfiguration in the TFTP server that could allow malicious users to execute arbitrary commands on the TFTP server via unspecified vectors.
Ipswitch Whatsup Gold
NA
CVE-2002-1968
Com21 DOXport 1100 series cable modem running firmware 2.1.1.106, and possibly other versions prior to 2.1.1.108.003, downloads a DOCSIS configuration file from a TFTP server running on the internal network, which allows local users to modify configuration of the modem via a mali...
Com21 Doxport 1100 2.1.1.106
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5841
file upload
man-in-the-middle
arbitrary
CVE-2024-27801
CVE-2024-28020
CVE-2024-30080
CVE-2024-30069
CVE-2024-5843
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »