Files or folders are removed unexpectedly when you perform a cut-and-paste operation on a Windows FTP client that is connected to an FTP site

Files or folders are removed unexpectedly when you perform a cut-and-paste operation on a Windows FTP client that is connected to an FTP site Symptoms Consider the following scenario: You access an FTP site on a computer that is running Windows Server 2008 SP2, Windows 7 SP1, Windows Server 2008 ...

DNSteal v2.0 - DNS Exfiltration Tool For Stealthily Sending Files Over DNS Requests

This is a fake DNS server that allows you to stealthily extract files from a victim machine through DNS requests. Below are a couple of different images showing examples of multiple file transfer and single verbose file transfer: Support for multiple files Gzip compression supported Now supports...

DEBIAN-CVE-2020-1934

In Apache HTTP Server 2.4.0 to 2.4.41, modproxyftp may use uninitialized memory when proxying to a malicious FTP server...

ALPINE-CVE-2020-1934

In Apache HTTP Server 2.4.0 to 2.4.41, modproxyftp may use uninitialized memory when proxying to a malicious FTP server...

FlashFXP Local Denial of Service Vulnerability

FlashFXP is a popular FTP client program. FlashFXP suffers from a local denial of service vulnerability. An attacker can exploit the vulnerability to cause a denial of service attack...

Moderate: Red Hat Security Advisory: lftp security update

An update for lftp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

VulnCheck KEV: CVE-2025-34129

A command injection vulnerability exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 due to insufficient sanitization of the FTP and NTP Server fields in the service configuration. An attacker with access to the configuration interface can upload a...

SolarWinds Serv-U Managed File Transfer Web client Cross-Site Request Forgery Vulnerability

SolarWinds Serv-U Managed File Transfer Web client MFT is a file transfer client application from the American company SolarWinds. A cross-site request forgery vulnerability exists in the file upload feature of the SolarWinds Serv-U MFT Web client prior to version 15.1.6 Hotfix 2. An attacker can...

CVE-2019-12769

SolarWinds Serv-U Managed File Transfer MFT Web client before 15.1.6 Hotfix 2 is vulnerable to Cross-Site Request Forgery in the file upload functionality via ?Command=Upload with the Dir and File parameters...

RICOH SP C250DN Trust Management Issues Vulnerability

The RICOH SP C250DN is a printer from the Japanese company Ricoh RICOH. A security vulnerability exists in the Ricoh SP C250DN version 1.05, which originates from the presence of hard-coded FTP service credentials in the printer firmware. The vulnerability can be exploited by an attacker to acces...

CVE-2019-14309

Ricoh SP C250DN 1.05 devices have a fixed password. FTP service credential were found to be hardcoded within the printer firmware. This would allow to an attacker to access and read information stored on the shared FTP folders...

Denial of Service Vulnerability in ZTE ZXR10 1800-2S (CNVD-2020-23632)

The ZTE ZXR10 1800-2S is a multi-service smart router manufactured by ZTE Corporation. A denial of service vulnerability exists in the ZTE ZXR10 1800-2S. An attacker interrupts the terminal after downloading an oversized version of a file via FTP, which leads to a command conflict on the target...

Wing FTP Server Local Elevation of Privilege Vulnerability

Wing FTP Server is an easy-to-use, secure and reliable FTP server software for Windows, Linux, Mac OS and Solaris. A local elevation of privilege vulnerability exists in Wing FTP Server 6.2.3. The vulnerability stems from Wing FTP Server setting insecure permissions on the installation directory...

curl: FTP path trickery leads to NIL byte out of bounds write

It was found that libcurl did not safely parse FTP URLs when using the CURLOPTFTPFILEMETHOD method. An attacker, able to provide a specially crafted FTP URL to an application using libcurl, could write a NULL byte at an arbitrary location, resulting in a crash or an unspecified behavior...

curl: FTP path trickery leads to NIL byte out of bounds write

It was found that libcurl did not safely parse FTP URLs when using the CURLOPTFTPFILEMETHOD method. An attacker, able to provide a specially crafted FTP URL to an application using libcurl, could write a NULL byte at an arbitrary location, resulting in a crash or an unspecified behavior...

FileZilla: FileZilla 3.46.3 - 'Scale factor' Buffer Overflow

Summary: FileZilla in has a problem in the "Scale Factor" field is vulnerable to a Buffer Over Flow attack or a denial attack. Adding random characters in an entry that must accept only Float input type values. Steps To Reproduce: A python file of name generatepaste.py was generated for the...

Maxum Rumpus Cross-Site Scripting Vulnerability

Maxum Rumpus is an FTP and Web file transfer server. A cross-site scripting vulnerability exists in Maxum Rumpus that can be exploited by an attacker to execute client-side code...

FTPGetter Code Issue Vulnerability

FTPGetter is a file transfer tool from the FTPGetter team that supports FTP and SFTP protocols. A code issue vulnerability exists in FTPGetter Professional Edition version 5.97.0.223. The vulnerability stems from an improperly designed or implemented code development process for a network system ...

The vulnerability of the FTP file transfer protocol in Firefox browsers allows a hacker to induce a service failure.

The vulnerability of the FTP file transfer protocol in Firefox browsers is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

The vulnerability of the FTP file transfer protocol in Firefox browsers allows a hacker to induce a service failure.

The vulnerability of the FTP file transfer protocol in Firefox browsers is related to an authentication error that occurs when modal pop-ups are displayed. Exploiting this vulnerability can allow a malicious actor to cause service failures...