Lucene search
K

3503 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/05 6:45 a.m.3 views

CVE-2026-2743

Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer LFT. This issue affects SeppMail: 15.0.2.1 and before...

10CVSS5.8AI score0.00842EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/05 6:45 a.m.32 views

CVE-2026-2743 SEPPmail User Web Interface Arbitrary File Write to RCE

Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer LFT. This issue affects SeppMail: 15.0.2.1 and before...

10CVSS0.00842EPSS
Exploits0References2
CVE
CVE
added 2026/03/05 6:45 a.m.15 views

CVE-2026-2743

SEPPmail UX: CVE-2026-2743 describes Arbitrary File Write via a Path Traversal in the Seppmail User Web Interface’s Large File Transfer feature, enabling Remote Code Execution on versions up to 15.0.2.1. The connected records confirm the affected product and the underlying vulnerability path but ...

10CVSS5.8AI score0.00842EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.7 views

SEPPmail 路径遍历漏洞

SEPPmail is an email encryption and signature solution provided by the Swiss company SEPPmail. Versions of SEPPmail 15.0.2.1 and earlier contained a path traversal vulnerability. This vulnerability stemmed from the large file transfer feature’s susceptibility to path traversal attacks, which coul...

10CVSS6.5AI score0.17015EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.5 views

PT-2026-23410

Name of the Vulnerable Software and Affected Versions SeppMail versions prior to 15.0.2.1 Description The User Web Interface contains a flaw in the large file transfer LFT feature. This allows arbitrary file write via path traversal upload, which can lead to remote code execution. Path traversal ...

10CVSS6.4AI score0.00842EPSS
Exploits0References14
Packet Storm
Packet Storm
added 2026/03/05 12:0 a.m.112 views

📄 basic-ftp downloadToDir() Path Traversal

basic-ftp versions prior to 5.2.0 suffer from a path traversal vulnerability in downloadToDir. ============================================================================================================================================= | Title : basic-ftp prior to version 5.2.0 Path Traversal in...

5.9AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/03/04 5:22 p.m.5 views

CVE-2026-20062

A vulnerability in the CLI of Cisco Secure Firewall Adaptive Security Appliance ASA Software in multiple context mode could allow an authenticated, local attacker with administrative privileges in one context to copy files to or from another context, including configuration files. This...

7.2CVSS6AI score0.0012EPSS
Exploits0References1
NVD
NVD
added 2026/03/04 8:16 a.m.4 views

CVE-2026-28778

International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver contains undocumented, hardcoded/insecure credentials for the xd user account. A remote unauthenticated attacker can log in via FTP using these credentials. Because the xd user has write permissions to their home...

9.8CVSS0.00849EPSS
Exploits1References1
NVD
NVD
added 2026/03/03 8:16 p.m.10 views

CVE-2024-55021

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded password in the FTP protocol...

7.5CVSS0.00337EPSS
Exploits0References2
OSV
OSV
added 2026/03/03 8:16 p.m.5 views

CVE-2024-55021

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded password in the FTP protocol...

7.5CVSS5.8AI score0.00337EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/03 12:0 a.m.1 views

CVE-2024-55021

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded password in the FTP protocol...

5.9AI score0.00337EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/03 12:0 a.m.4 views

EUVD-2024-55460

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded password in the FTP protocol...

5.9AI score0.00337EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/03 12:0 a.m.3 views

CVE-2024-55021

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded password in the FTP protocol...

5.9AI score0.00337EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/03 12:0 a.m.25 views

CVE-2024-55021

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded password in the FTP protocol...

0.00337EPSS
Exploits0References2
CVE
CVE
added 2026/03/03 12:0 a.m.13 views

CVE-2024-55021

The CVE-2024-55021 entry concerns Weintek cMT-3072XH2 easyweb v2.1.53 running OS v20231011, which reportedly contains a hardcoded password in the FTP protocol. The Red Hat/NVD references confirm an affected product and indicate an impact on confidentiality (C: High) with no integrity or availabil...

7.5CVSS5.9AI score0.00337EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.5 views

PT-2026-22778

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded password in the FTP protocol...

5.9AI score0.00337EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/02/27 9:25 p.m.7 views

@activeboxes/piece-sftp (=0.2.6), @activepieces/piece-apify (=0.2.1) +25 more potentially affected by CVE-2026-27699 via basic-ftp (>=5.0.2 <=5.1.0)

basic-ftp NPM version =5.0.2, =0.2.6, =1.0.0, =1.0.0, =2.0.18, =1.9.2, =1.2.0, =4.6.0-blowfish, =1.0.3, =1.0.4, =0.1.1, =0.2.0 and more Source cves: CVE-2026-27699 Source advisory: SNYK:JS-BASICFTP-15366428...

9.8CVSS7.2AI score0.00528EPSS
Exploits2
SUSE CVE
SUSE CVE
added 2026/02/27 12:24 a.m.6 views

SUSE CVE-2026-28295

A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by providing an arbitrary IP address and port in its passive mode PASV response. The client unconditionally trusts this information and attempts to connect to the specified endpoint, allowing the...

4.3CVSS5.8AI score0.00186EPSS
Exploits0References7
EUVD
EUVD
added 2026/02/26 6:31 p.m.6 views

EUVD-2026-8861

A flaw was found in the FTP GVfs backend. A remote attacker could exploit this input validation vulnerability by supplying specially crafted file paths containing carriage return and line feed CRLF sequences. These unsanitized sequences allow the attacker to terminate intended FTP commands and...

4.3CVSS6.4AI score0.0036EPSS
Exploits2References3
OSV
OSV
added 2026/02/26 4:24 p.m.4 views

DEBIAN-CVE-2026-28296

A flaw was found in the FTP GVfs backend. A remote attacker could exploit this input validation vulnerability by supplying specially crafted file paths containing carriage return and line feed CRLF sequences. These unsanitized sequences allow the attacker to terminate intended FTP commands and...

4.3CVSS8.9AI score0.0036EPSS
Exploits2References1
Rows per page
Query Builder