Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Tftp Server Security Vulnerabilities

cve
cve

CVE-2001-0783

Cisco TFTP server 1.1 allows remote attackers to read arbitrary files via a ..(dot dot) attack in the GET command.

7AI Score

0.005EPSS

2001-10-18 04:00 AM
17
cve
cve

CVE-2002-1209

Directory traversal vulnerability in SolarWinds TFTP Server 5.0.55, and possibly earlier, allows remote attackers to read arbitrary files via ".." (dot-dot backslash) sequences in a GET request.

6.8AI Score

0.03EPSS

2002-11-04 05:00 AM
27
cve
cve

CVE-2002-1542

SolarWinds TFTP server 5.0.55 and earlier allows remote attackers to cause a denial of service (crash) via a large UDP datagram, possibly triggering a buffer overflow.

6.9AI Score

0.041EPSS

2003-03-31 05:00 AM
28
cve
cve

CVE-2002-2237

tftp32 TFTP server 2.21 and earlier allows remote attackers to cause a denial of service via a GET request with a DOS device name such as com1 or aux.

6.7AI Score

0.017EPSS

2007-10-14 08:00 PM
29
cve
cve

CVE-2006-1951

Directory traversal vulnerability in SolarWinds TFTP Server 8.1 and earlier allows remote attackers to download arbitrary files via a crafted GET request including "....//" sequences, which are collapsed into "../" sequences by filtering.

6.7AI Score

0.008EPSS

2006-04-24 11:02 PM
24
cve
cve

CVE-2006-1952

Directory traversal vulnerability in WinAgents TFTP Server for Windows 3.1 and earlier allows remote attackers to read arbitrary files via "..." (triple dot) sequences in a GET request.

6.8AI Score

0.007EPSS

2006-04-24 11:02 PM
18
cve
cve

CVE-2007-1435

Buffer overflow in D-Link TFTP Server 1.0 allows remote attackers to cause a denial of service (crash) via a long (1) GET or (2) PUT request, which triggers memory corruption. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

6.8AI Score

0.58EPSS

2007-03-13 07:19 PM
25
cve
cve

CVE-2009-3115

SolarWinds TFTP Server 9.2.0.111 and earlier allows remote attackers to cause a denial of service (service stop) via a crafted Option Acknowledgement (OACK) request. NOTE: some of these details are obtained from third party information.

6.8AI Score

0.032EPSS

2009-09-09 10:30 PM
22
cve
cve

CVE-2010-1174

Cisco TFTP Server 1.1 allows remote attackers to cause a denial of service (daemon crash) via a crafted (1) read (aka RRQ) or (2) write (aka WRQ) request, or other TFTP packet. NOTE: some of these details are obtained from third party information.

6.8AI Score

0.006EPSS

2010-03-29 07:30 PM
17
cve
cve

CVE-2010-2115

SolarWinds TFTP Server 10.4.0.10 allows remote attackers to cause a denial of service (no new connections) via a crafted read request.

6.7AI Score

0.501EPSS

2010-05-28 08:30 PM
26
cve
cve

CVE-2010-2310

SolarWinds TFTP Server 10.4.0.13 allows remote attackers to cause a denial of service (crash) via a long write request.

6.8AI Score

0.013EPSS

2010-06-16 08:30 PM
22
cve
cve

CVE-2011-4722

Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation.

6.8AI Score

0.094EPSS

2014-12-28 02:59 AM
18
cve
cve

CVE-2023-29930

An issue was found in Genesys CIC Polycom phone provisioning TFTP Server all version allows a remote attacker to execute arbitrary code via the login crednetials to the TFTP server configuration page.

8.8CVSS

8.8AI Score

0.004EPSS

2023-05-10 03:15 PM
31