0.004 Low
EPSS
Percentile
72.1%
In uftpd before 2.12, handle_CWD in ftpcmd.c mishandled the path provided by the user, causing a NULL pointer dereference and denial of service, as demonstrated by a CWD /… command.
lists.opensuse.org/opensuse-security-announce/2020-06/msg00052.html
bugs.gentoo.org/726308
github.com/troglobit/uftpd/issues/30
github.com/troglobit/uftpd/releases/tag/v2.12