Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tftp-server vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2002-2353
tftpd32 2.50 and 2.50.2 allows remote malicious users to read or write arbitrary files via a full pathname in GET and PUT requests.
Tftpd32 Tftpd32 2.50
Tftpd32 Tftpd32 2.50.2
1 EDB exploit
7.5
CVSSv2
CVE-2002-1810
D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote malicious users to access the TFTP server without authentication and read the config.img file, which contains sensitive information such as the administrative password, the WEP encryption keys, and network configuration inf...
Dlink Dwl-900ap\\+ Firmware 2.1
Dlink Dwl-900ap\\+ Firmware 2.2
2.1
CVSSv2
CVE-2002-1968
Com21 DOXport 1100 series cable modem running firmware 2.1.1.106, and possibly other versions prior to 2.1.1.108.003, downloads a DOCSIS configuration file from a TFTP server running on the internal network, which allows local users to modify configuration of the modem via a mali...
Com21 Doxport 1100 2.1.1.106
5
CVSSv2
CVE-2002-2237
tftp32 TFTP server 2.21 and previous versions allows remote malicious users to cause a denial of service via a GET request with a DOS device name such as com1 or aux.
Tftp Tftp Server 2.21
5
CVSSv2
CVE-2002-1209
Directory traversal vulnerability in SolarWinds TFTP Server 5.0.55, and possibly earlier, allows remote malicious users to read arbitrary files via "..\" (dot-dot backslash) sequences in a GET request.
Solarwinds Tftp Server 5.0.55 Standard
1 EDB exploit
7.1
CVSSv2
CVE-2002-0813
Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote malicious users to cause a denial of service (reset) or modify configuration via a long filename.
Cisco Ios 11.1
Cisco Ios 11.2
Cisco Ios 11.3
1 EDB exploit
10
CVSSv2
CVE-2002-0395
The TFTP server for Red-M 1050 (Bluetooth Access Point) can not be disabled and makes it easier for remote malicious users to crack the administration password via brute force methods.
Red-m 1050ap Lan Acess Point
5
CVSSv2
CVE-2001-0783
Cisco TFTP server 1.1 allows remote malicious users to read arbitrary files via a ..(dot dot) attack in the GET command.
Cisco Tftp Server 1.1
7.5
CVSSv2
CVE-2001-1265
Directory traversal vulnerability in IBM alphaWorks Java TFTP server 1.21 allows remote malicious users to conduct unauthorized operations on arbitrary files via a .. (dot dot) attack.
Ibm Alphaworks Tftp Server 1.21
7.5
CVSSv2
CVE-2001-1426
Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 has a TFTP server running without a password, which allows remote malicious users to change firmware versions or the device's configurations.
Alcatel Speed Touch Home Khdsaa.133
Alcatel Speed Touch Home Khdsaa.134
Alcatel Speed Touch Home Khdsaa.108
Alcatel Speed Touch Home Khdsaa.132
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »