Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tftp server vulnerabilities and exploits
(subscribe to this query)
384
VMScore
CVE-2019-5435
An integer overflow in curl's URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1.
Haxx Curl
756
VMScore
CVE-2007-5361
The Communication Server in Alcatel-Lucent OmniPCX Enterprise 7.1 and previous versions caches an IP address during a TFTP request from an IP Touch phone, and uses this IP address as the destination for all subsequent VoIP packets to this phone, which allows remote malicious user...
Alcatel-lucent Omnipcx
668
VMScore
CVE-2006-5584
The Remote Installation Service (RIS) in Microsoft Windows 2000 SP4 uses a TFTP server that allows anonymous access, which allows remote malicious users to upload and overwrite arbitrary files to gain privileges on systems that use RIS.
Microsoft Windows 2000
445
VMScore
CVE-2011-4821
Directory traversal vulnerability in the TFTP server in D-Link DIR-601 Wireless N150 Home Router with firmware 1.02NA allows remote malicious users to read arbitrary files via unspecified vectors.
Dlink Dir-601 Firmware 1.02na
Dlink Dir-601 -
890
VMScore
CVE-2002-0395
The TFTP server for Red-M 1050 (Bluetooth Access Point) can not be disabled and makes it easier for remote malicious users to crack the administration password via brute force methods.
Red-m 1050ap Lan Acess Point
543
VMScore
CVE-2020-35233
The TFTP server fails to handle multiple connections on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices, and allows external malicious users to force device reboots by sending concurrent connections, aka a denial of service attack.
Netgear Gs116e Firmware 2.6.0.43
Netgear Jgs516pe Firmware 2.6.0.43
668
VMScore
CVE-2001-1426
Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 has a TFTP server running without a password, which allows remote malicious users to change firmware versions or the device's configurations.
Alcatel Speed Touch Home Khdsaa.133
Alcatel Speed Touch Home Khdsaa.134
Alcatel Speed Touch Home Khdsaa.108
Alcatel Speed Touch Home Khdsaa.132
694
VMScore
CVE-2007-3874
Directory traversal vulnerability in the tftp/mftp daemon in the PXE server component (pxemtftp.exe) in Symantec Altiris Deployment Solution 6.x prior to 6.8.380.0 allows remote malicious users to read arbitrary files via unspecified vectors.
Altiris Deployment Solution 6.0
Altiris Deployment Solution 6.8
445
VMScore
CVE-2004-2432
WinAgents TFTP Server 3.0 allows remote malicious users to cause a denial of service (crash) via a request for a file with a long file name, possibly due to an off-by-one buffer overflow.
890
VMScore
CVE-2008-1310
Directory traversal vulnerability in the TFTP server in PacketTrap Networks pt360 Tool Suite 1.1.33.1.0, and other versions prior to 2.0.3900.0, allows remote malicious users to read and overwrite arbitrary files via directory traversal sequences in the pathname.
Packettrap Pt360 Tool Suite 1.1.33.1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »