NetSarang XFTP Client 6.0149 and earlier version contains a buffer overflow vulnerability caused by improper boundary checks when copying file name from an attacker controlled FTP server. That leads attacker to execute arbitrary code by sending a crafted filename.
[
{
"product": "XFTP",
"vendor": "NetSarang",
"versions": [
{
"status": "affected",
"version": "6.0149 and earlier"
}
]
}
]