CVE-2022-50687

CVE-2022-50687 affects Cobian Backup 11 Gravity 11.2.0.582. The vulnerability is a denial-of-service in the FTP password input field: a specially crafted 800-byte buffer pasted into the password field can crash the application. Documented as a local attack (attack vector: LOCAL; attack complexity...

CVE-2025-14910

A vulnerability was detected in Edimax BR-6208AC 1.02. This impacts the function handleretr of the component FTP Daemon Service. The manipulation results in path traversal. The attack may be launched remotely. The exploit is now public and may be used. Edimax confirms this issue: "This product is...

CVE-2025-14910

The CVE-2025-14910 entry concerns Edimax BR-6208AC (firmware 1.02) with a path traversal flaw in the FTP Daemon Service’s handle_retr function. The vulnerability allows remote manipulation to traverse filesystem paths. Public exploits exist, and the issue is tied to a discontinued device with no ...

CVE-2025-14910 Edimax BR-6208AC FTP Daemon Service handle_retr path traversal

A vulnerability was detected in Edimax BR-6208AC 1.02. This impacts the function handleretr of the component FTP Daemon Service. The manipulation results in path traversal. The attack may be launched remotely. The exploit is now public and may be used. Edimax confirms this issue: "This product is...

CVE-2025-14910 Edimax BR-6208AC FTP Daemon Service handle_retr path traversal

A vulnerability was detected in Edimax BR-6208AC 1.02. This impacts the function handleretr of the component FTP Daemon Service. The manipulation results in path traversal. The attack may be launched remotely. The exploit is now public and may be used. Edimax confirms this issue: "This product is...

EUVD-2025-204431

A vulnerability was detected in Edimax BR-6208AC 1.02. This impacts the function handleretr of the component FTP Daemon Service. The manipulation results in path traversal. The attack may be launched remotely. The exploit is now public and may be used. Edimax confirms this issue: "This product is...

PT-2025-52401

A vulnerability was detected in Edimax BR-6208AC 1.02. This impacts the function handle retr of the component FTP Daemon Service. The manipulation results in path traversal. The attack may be launched remotely. The exploit is now public and may be used. Edimax confirms this issue: "This product i...

Konica Bizhub Multifunction Printers Exposure of Sensitive Information to an Unauthorized Actor (CVE-2021-20871)

If a scanning destination that requires the registration of authentication information, such as FTP, SMB, or WebDAV, is registered in the address book of a multifunction printer, a remote attacker could steal the registered authentication information by sending a specific SOAP message...

CVE-2025-67737

AzuraCast is a self-hosted, all-in-one web radio management suite. Versions 0.23.1 mistakenly include an API endpoint that is intended for internal use by the SFTP software sftpgo, exposing it to the public-facing HTTP API for AzuraCast installations. A user with specific internal knowledge of a...

AZL-72509 CVE-2025-68206 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: add seqadj extension for natted connections Sequence adjustment may be required for FTP traffic with PASV/EPSV modes. due to need to re-write packet payload IP, port on the ftp control connection. This can requi...

UBUNTU-CVE-2025-68206

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: add seqadj extension for natted connections Sequence adjustment may be required for FTP traffic with PASV/EPSV modes. due to need to re-write packet payload IP, port on the ftp control connection. This can requi...

CVE-2025-68206 netfilter: nft_ct: add seqadj extension for natted connections

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: add seqadj extension for natted connections Sequence adjustment may be required for FTP traffic with PASV/EPSV modes. due to need to re-write packet payload IP, port on the ftp control connection. This can requi...

CVE-2025-68206

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: add seqadj extension for natted connections Sequence adjustment may be required for FTP traffic with PASV/EPSV modes. due to need to re-write packet payload IP, port on the ftp control connection. This can requi...

CVE-2025-68206

In CVE-2025-68206, the Linux kernel netfilter nft_ct subsystem is fixed by adding a seqadj extension for natted connections. The issue affected FTP traffic (PASV/EPSV modes) where NAT rewrites of FTP control payloads could require adjustments to TCP length and the expected seq/ack_seq, breaking o...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of sequence adjustment support, which could result in an interrupted FTP connection...

ROS-20251216-7307

A vulnerability in the FTP Client component of the Apache Commons Net library is related to the use of open redirection with insufficient input data validation during PASV response processing. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected...

CVE-2025-36747

ShineLan-X contains a set of credentials for an FTP server was found within the firmware, allowing testers to establish an insecure FTP connection with the server. This may allow an attacker to replace legitimate files being deployed to devices with their own malicious versions, since the firmwar...

Xlight FTP Server 安全漏洞

Xlight FTP Server is an FTP server software from Xlight open source. A security vulnerability exists in Xlight FTP Server version 3.9.3.6, which stems from a stack buffer overflow in the Execute Program configuration that could cause the application to crash...

CVE-2024-58299

PCMan FTP Server 2.0 contains a buffer overflow vulnerability in the 'pwd' command that allows remote attackers to execute arbitrary code. Attackers can send a specially crafted payload during the FTP login process to overwrite memory and potentially gain system access...

EUVD-2025-203250

ShineLan-X contains a set of credentials for an FTP server was found within the firmware, allowing testers to establish an insecure FTP connection with the server. This may allow an attacker to replace legitimate files being deployed to devices with their own malicious versions, since the firmwar...