898 matches found
CVE-2025-68206
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: add seqadj extension for natted connections Sequence adjustment may be required for FTP traffic with PASV/EPSV modes. due to need to re-write packet payload IP, port on the ftp control connection. This can requi...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of sequence adjustment support, which could result in an interrupted FTP connection...
CVE-2024-58299
PCMan FTP Server 2.0 contains a buffer overflow vulnerability in the 'pwd' command that allows remote attackers to execute arbitrary code. Attackers can send a specially crafted payload during the FTP login process to overwrite memory and potentially gain system access...
CVE-2025-36747
ShineLan-X contains a set of credentials for an FTP server was found within the firmware, allowing testers to establish an insecure FTP connection with the server. This may allow an attacker to replace legitimate files being deployed to devices with their own malicious versions, since the firmwar...
CVE-2025-36747 Hardcoded FTP Credentials within the firmware
ShineLan-X contains a set of credentials for an FTP server was found within the firmware, allowing testers to establish an insecure FTP connection with the server. This may allow an attacker to replace legitimate files being deployed to devices with their own malicious versions, since the firmwar...
CVE-2025-36747 Hardcoded FTP Credentials within the firmware
ShineLan-X contains a set of credentials for an FTP server was found within the firmware, allowing testers to establish an insecure FTP connection with the server. This may allow an attacker to replace legitimate files being deployed to devices with their own malicious versions, since the firmwar...
Growatt ShineLan-X 安全漏洞
Growatt ShineLan-X is a data logger for PV inverters from Growatt, a Chinese company. A security vulnerability exists in the Growatt ShineLan-X that stems from the inclusion of FTP server credentials in the firmware, which could lead to the replacement of legitimate files with malicious versions...
PT-2025-51097
ShineLan-X contains a set of credentials for an FTP server was found within the firmware, allowing testers to establish an insecure FTP connection with the server. This may allow an attacker to replace legitimate files being deployed to devices with their own malicious versions, since the firmwar...
EUVD-2024-55352
PCMan FTP Server 2.0 contains a buffer overflow vulnerability in the 'pwd' command that allows remote attackers to execute arbitrary code. Attackers can send a specially crafted payload during the FTP login process to overwrite memory and potentially gain system access...
TFTP Fetch, Linux Command Shell, Bind TCP Inline
Fetch and execute an PPC payload from an TFTP server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/tftp/ppc/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options ...show...
CVE-2025-11759
CVE-2025-11759 affects the WordPress plugin “Backup, Restore and Migrate your sites with XCloner” (versions up to and including 4.8.2). The issue is a Cross-Site Request Forgery (CSRF) due to missing/incorrect nonce validation in the Xcloner_Remote_Storage:save() function, enabling unauthenticate...
curl: Infinite loop issue in the state machine of the curl project
Summary: Vulnerability impact: When curl attempts to download files from a malicious FTP server, it triggers an infinite loop in the code execution. I discovered this issue in the FTP functionality of the curl project .As described in...
TencentOS Server 3: container-tools:rhel8 (TSSA-2025:0301)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0301 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
SolarWinds Serv-U 路径遍历漏洞
SolarWinds Serv-U is an FTP File Transfer Protocol server software from SolarWinds Corporation. SolarWinds Serv-U suffers from a path traversal vulnerability that stems from a path restriction bypass, which could allow an attacker with administrator privileges to execute code in a directory...
Maxum Rumpus FTP Server 跨站脚本漏洞
Maxum Rumpus FTP Server is an FTP server software from Maxum. A cross-site scripting vulnerability exists in Maxum Rumpus FTP Server version 9.0.12, which stems from improper input neutralization and could lead to cross-site scripting attacks...
Maxum Rumpus FTP Server 输入验证错误漏洞
Maxum Rumpus FTP Server is an FTP server software from Maxum. An input validation error vulnerability exists in Maxum Rumpus FTP Server version 9.0.12 that stems from improper input validation...
CVE-2018-25125 Netis DL4322D RTK 2.1.1 FTP Service DoS
Netis ADSL Router DL4322D firmware RTK 2.1.1 contains a buffer overflow vulnerability in the embedded FTP service that allows an authenticated remote user to trigger a denial of service. After logging in to the FTP service, sending an FTP command such as ABOR with an excessively long argument...
EUVD-2018-21612
Netis ADSL Router DL4322D firmware RTK 2.1.1 contains a buffer overflow vulnerability in the embedded FTP service that allows an authenticated remote user to trigger a denial of service. After logging in to the FTP service, sending an FTP command such as ABOR with an excessively long argument...
Siemens RUGGEDCOM ROS Devices Improper Check for Unusual or Exceptional Conditions (CVE-2021-42020)
The third-party component, in its TFTP functionality fails to check for null terminations in file names. If an attacker were to exploit this, it could result in data corruption, and possibly a hard-fault of the application. This plugin only works with Tenable.ot. Please visit...
Siemens SIMATIC S7-1500 Improper Authentication (CVE-2023-27535)
An authentication bypass vulnerability exists in libcurl 8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain...