The ABB IDAL FTP server mishandles format strings in a username during the authentication process. Attempting to authenticate with the username %s%p%x%d will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
abb pb610_panel_builder_600_firmware |