Lucene search

VulDBCVELIST:CVE-2024-0546

HistoryJan 15, 2024 - 6:00 a.m.

CVE-2024-0546 EasyFTP LIST Command denial of service

2024-01-1506:00:07

CWE-404

VulDB

www.cve.org

easyftp

1.7.0

list command

denial of service

remote exploit

vdb-250715

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

EPSS

0.001

Percentile

34.8%

JSON

A vulnerability, which was classified as problematic, has been found in EasyFTP 1.7.0. This issue affects some unknown processing of the component LIST Command Handler. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250715.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "EasyFTP",
    "versions": [
      {
        "version": "1.7.0",
        "status": "affected"
      }
    ],
    "modules": [
      "LIST Command Handler"
    ]
  }
]

References

packetstormsecurity.com/files/94905/EasyFTP-1.7.0.x-Denial-Of-Service.html

vuldb.com/?ctiid.250715

vuldb.com/?id.250715

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

EPSS

0.001

Percentile

34.8%

JSON

Related for CVELIST:CVE-2024-0546