Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ftpd ftpd vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2013-2512
The ftpd gem 0.2.1 for Ruby allows remote malicious users to execute arbitrary OS commands via shell metacharacters in a LIST or NLST command argument within FTP protocol traffic.
Ftpd Project Ftpd 0.2.1
9.8
CVSSv3
CVE-2020-1939
The Apache NuttX (Incubating) project provides an optional separate "apps" repository which contains various optional components and example programs. One of these, ftpd, had a NULL pointer dereference bug. The NuttX RTOS itself is not affected. Users of the optional ap...
Apache Nuttx
9.8
CVSSv3
CVE-2017-12170
Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original configuration was ignored after update and service started running with default configuration. This has security implications because of overriding security-r...
Pureftpd Pure-ftpd 1.0.46-1
Fedoraproject Fedora 27
Fedoraproject Fedora 26
9.8
CVSSv3
CVE-2003-0466
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow malicious users to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 up to and including 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buff...
Wuftpd Wu-ftpd
Redhat Wu Ftpd 2.6.1-16
Apple Mac Os X Server 10.2.6
Apple Mac Os X 10.2.6
Sun Solaris 9.0
Freebsd Freebsd
Netbsd Netbsd
Openbsd Openbsd
5 EDB exploits
8.8
CVSSv3
CVE-2020-7468
In FreeBSD 12.2-STABLE before r365772, 11.4-STABLE before r365773, 12.1-RELEASE before p10, 11.4-RELEASE before p4 and 11.3-RELEASE before p14 a ftpd(8) bug in the implementation of the file system sandbox, combined with capabilities available to an authenticated FTP user, can be...
Freebsd Freebsd 11.3
Freebsd Freebsd 12.1
Freebsd Freebsd 11.4
Freebsd Freebsd 12.2
8.8
CVSSv3
CVE-2018-13284
Command injection vulnerability in ftpd in Synology Diskstation Manager (DSM) prior to 6.2-23739-1 allows remote authenticated users to execute arbitrary OS commands via the (1) MKD or (2) RMD command.
Synology Diskstation Manager
8.8
CVSSv3
CVE-2018-13285
Command injection vulnerability in ftpd in Synology Router Manager (SRM) prior to 1.1.7-6941-1 allows remote authenticated users to execute arbitrary OS commands via the (1) MKD or (2) RMD command.
Synology Router Manager
7.8
CVSSv3
CVE-2023-40303
GNU inetutils prior to 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before ...
Gnu Inetutils
7.5
CVSSv3
CVE-2023-45198
ftpd before "NetBSD-ftpd 20230930" can leak information about the host filesystem before authentication via an MLSD or MLST command. tnftpd (the portable version of NetBSD ftpd) prior to 20231001 is also vulnerable.
Netbsd Tnftpd
Netbsd Ftpd
7.5
CVSSv3
CVE-2021-40524
In Pure-FTPd prior to 1.0.50, an incorrect max_filesize quota mechanism in the server allows malicious users to upload files of unbounded size, which may lead to denial of service or a server hang. This occurs because a certain greater-than-zero test does not anticipate an initia...
Pureftpd Pure-ftpd
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »