Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tftp-server vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-8476
A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory, aka "Windows Deployment Services TFTP Server Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows Server 2008, W...
Microsoft Windows Server 2019 -
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2012 -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008 -
Microsoft Windows Server 2016 -
Microsoft Windows Server 2012 R2
NA
CVE-2000-0015
CascadeView TFTP server allows local users to gain privileges via a symlink attack.
Ascend Cascadeview Ux 1.0
1 EDB exploit
NA
CVE-2011-4821
Directory traversal vulnerability in the TFTP server in D-Link DIR-601 Wireless N150 Home Router with firmware 1.02NA allows remote malicious users to read arbitrary files via unspecified vectors.
Dlink Dir-601 Firmware 1.02na
Dlink Dir-601 -
NA
CVE-2002-0395
The TFTP server for Red-M 1050 (Bluetooth Access Point) can not be disabled and makes it easier for remote malicious users to crack the administration password via brute force methods.
Red-m 1050ap Lan Acess Point
9.8
CVSSv3
CVE-2018-18439
DENX U-Boot up to and including 2018.09-rc1 has a remotely exploitable buffer overflow via a malicious TFTP server because TFTP traffic is mishandled. Also, local exploitation can occur via a crafted kernel image.
Denx U-boot 2018.09
Denx U-boot
6.5
CVSSv3
CVE-2020-35233
The TFTP server fails to handle multiple connections on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices, and allows external malicious users to force device reboots by sending concurrent connections, aka a denial of service attack.
Netgear Gs116e Firmware 2.6.0.43
Netgear Jgs516pe Firmware 2.6.0.43
NA
CVE-2001-1426
Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 has a TFTP server running without a password, which allows remote malicious users to change firmware versions or the device's configurations.
Alcatel Speed Touch Home Khdsaa.133
Alcatel Speed Touch Home Khdsaa.134
Alcatel Speed Touch Home Khdsaa.108
Alcatel Speed Touch Home Khdsaa.132
NA
CVE-2004-2432
WinAgents TFTP Server 3.0 allows remote malicious users to cause a denial of service (crash) via a request for a file with a long file name, possibly due to an off-by-one buffer overflow.
NA
CVE-2004-0951
The make_recovery command for the TFTP server in HP Ignite-UX before C.6.2.241 makes a copy of the password file in the TFTP directory tree, which allows remote malicious users to obtain sensitive information.
Hp Ignite-ux C.6.2.241
NA
CVE-2008-1310
Directory traversal vulnerability in the TFTP server in PacketTrap Networks pt360 Tool Suite 1.1.33.1.0, and other versions prior to 2.0.3900.0, allows remote malicious users to read and overwrite arbitrary files via directory traversal sequences in the pathname.
Packettrap Pt360 Tool Suite 1.1.33.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »