NetWin SurgeFTP 2.0f and previous versions encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote malicious users to conduct brute force password guessing attacks against the administrator account on port 7021.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netwin surgeftp 2.0c |
||
netwin surgeftp 2.0a |
||
netwin surgeftp 2.0d |
||
netwin surgeftp 2.0e |
||
netwin surgeftp 2.0f |
||
netwin surgeftp 2.0b |