Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tftp server vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2009-1730
Multiple directory traversal vulnerabilities in NetMechanica NetDecision TFTP Server 4.2 allow remote malicious users to read or modify arbitrary files via directory traversal sequences in the (1) GET or (2) PUT command.
Netmechanica Netdecision Tftp Server 4.2
1 EDB exploit
1000
VMScore
CVE-2008-2161
Buffer overflow in TFTP Server SP 1.4 and 1.5 on Windows, and possibly other versions, allows remote malicious users to execute arbitrary code via a long TFTP error packet. NOTE: some of these details are obtained from third party information.
Tftp Tftp Server Sp 1.4
Tftp Tftp Server Sp 1.5
1 EDB exploit
1000
VMScore
CVE-2008-1611
Stack-based buffer overflow in TFTP Server SP 1.4 for Windows allows remote malicious users to cause a denial of service or execute arbitrary code via a long filename in a read or write request.
Tftp-server Winagents Tftp Server Sp 1.4
3 EDB exploits
1000
VMScore
CVE-2007-2639
Directory traversal vulnerability in TFTPdWin 0.4.2 allows remote malicious users to read or modify arbitrary files outside the TFTP root via unspecified vectors.
Prosysinfo Tftp Server Tftpdwin 0.4.2
1 EDB exploit
1000
VMScore
CVE-2007-1645
Buffer overflow in FutureSoft TFTP Server 2000 on Microsoft Windows 2000 SP4 allows remote malicious users to execute arbitrary code via a long request on UDP port 69. NOTE: this issue might overlap CVE-2006-4781 or CVE-2005-1812.
Futuresoft Tftp Server 2000
1 EDB exploit
1000
VMScore
CVE-2007-1435
Buffer overflow in D-Link TFTP Server 1.0 allows remote malicious users to cause a denial of service (crash) via a long (1) GET or (2) PUT request, which triggers memory corruption. NOTE: the provenance of this information is unknown; the details are obtained solely from third pa...
D-link Tftp Server 1.0
2 EDB exploits
1000
VMScore
CVE-2007-0888
Directory traversal vulnerability in the TFTP server in Kiwi CatTools prior to 3.2.0 beta allows remote malicious users to read arbitrary files, and upload files to arbitrary locations, via ..// (dot dot) sequences in the pathname argument to an FTP (1) GET or (2) PUT command.
Kiwi Enterprises Kiwi Cattools
1 EDB exploit
1000
VMScore
CVE-2006-6184
Multiple stack-based buffer overflows in Allied Telesyn TFTP Server (AT-TFTP) 1.9, and possibly earlier, allow remote malicious users to cause a denial of service (crash) or execute arbitrary code via a long filename in a (1) GET or (2) PUT command.
Alliedtelesyn At-tftp
4 EDB exploits
2 Github repositories
1000
VMScore
CVE-2005-1812
Multiple stack-based buffer overflows in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allow remote malicious users to execute arbitrary code via a long (1) filename or (2) transfer mode string in a Read Request (RRQ) or Write Request (WRQ) packet.
Futuresoft Tftp Server 2000 1.0.0.1
2 EDB exploits
891
VMScore
CVE-2018-18439
DENX U-Boot up to and including 2018.09-rc1 has a remotely exploitable buffer overflow via a malicious TFTP server because TFTP traffic is mishandled. Also, local exploitation can occur via a crafted kernel image.
Denx U-boot 2018.09
Denx U-boot
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »