Buffer overflow in SpoonFTP 1.0.0.12 allows remote malicious users to execute arbitrary code via a long argument to the commands (1) CWD or (2) LIST.
pi-soft spoonftp 1.0.0.12