Lucene search
K

898 matches found

ATTACKERKB
ATTACKERKB
added 2025/12/16 1:48 p.m.5 views

CVE-2025-68206

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: add seqadj extension for natted connections Sequence adjustment may be required for FTP traffic with PASV/EPSV modes. due to need to re-write packet payload IP, port on the ftp control connection. This can requi...

5.6AI score0.00173EPSS
Exploits0References8Affected Software1
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of sequence adjustment support, which could result in an interrupted FTP connection...

6.2AI score0.00173EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/12/13 8:2 p.m.5 views

CVE-2024-58299

PCMan FTP Server 2.0 contains a buffer overflow vulnerability in the 'pwd' command that allows remote attackers to execute arbitrary code. Attackers can send a specially crafted payload during the FTP login process to overwrite memory and potentially gain system access...

9.8CVSS8.2AI score0.00712EPSS
Exploits0References1
NVD
NVD
added 2025/12/13 4:16 p.m.8 views

CVE-2025-36747

ShineLan-X contains a set of credentials for an FTP server was found within the firmware, allowing testers to establish an insecure FTP connection with the server. This may allow an attacker to replace legitimate files being deployed to devices with their own malicious versions, since the firmwar...

9.8CVSS0.00285EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/13 8:16 a.m.3 views

CVE-2025-36747 Hardcoded FTP Credentials within the firmware

ShineLan-X contains a set of credentials for an FTP server was found within the firmware, allowing testers to establish an insecure FTP connection with the server. This may allow an attacker to replace legitimate files being deployed to devices with their own malicious versions, since the firmwar...

9.4CVSS6.5AI score0.00285EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/13 8:16 a.m.22 views

CVE-2025-36747 Hardcoded FTP Credentials within the firmware

ShineLan-X contains a set of credentials for an FTP server was found within the firmware, allowing testers to establish an insecure FTP connection with the server. This may allow an attacker to replace legitimate files being deployed to devices with their own malicious versions, since the firmwar...

9.4CVSS0.00285EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/13 12:0 a.m.2 views

Growatt ShineLan-X 安全漏洞

Growatt ShineLan-X is a data logger for PV inverters from Growatt, a Chinese company. A security vulnerability exists in the Growatt ShineLan-X that stems from the inclusion of FTP server credentials in the firmware, which could lead to the replacement of legitimate files with malicious versions...

9.8CVSS6.6AI score0.00285EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/13 12:0 a.m.7 views

PT-2025-51097

ShineLan-X contains a set of credentials for an FTP server was found within the firmware, allowing testers to establish an insecure FTP connection with the server. This may allow an attacker to replace legitimate files being deployed to devices with their own malicious versions, since the firmwar...

9.4CVSS6.9AI score0.00285EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/12 9:31 p.m.4 views

EUVD-2024-55352

PCMan FTP Server 2.0 contains a buffer overflow vulnerability in the 'pwd' command that allows remote attackers to execute arbitrary code. Attackers can send a specially crafted payload during the FTP login process to overwrite memory and potentially gain system access...

9.8CVSS7.6AI score0.00712EPSS
Exploits0References4
Metasploit
Metasploit
added 2025/12/09 6:55 p.m.319 views

TFTP Fetch, Linux Command Shell, Bind TCP Inline

Fetch and execute an PPC payload from an TFTP server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/tftp/ppc/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options ...show...

5.8AI score
Exploits0
CVE
CVE
added 2025/12/05 1:55 a.m.11 views

CVE-2025-11759

CVE-2025-11759 affects the WordPress plugin “Backup, Restore and Migrate your sites with XCloner” (versions up to and including 4.8.2). The issue is a Cross-Site Request Forgery (CSRF) due to missing/incorrect nonce validation in the Xcloner_Remote_Storage:save() function, enabling unauthenticate...

4.3CVSS4.9AI score0.00102EPSS
Exploits0References2
Hacker One
Hacker One
added 2025/11/26 8:34 a.m.21 views

curl: Infinite loop issue in the state machine of the curl project

Summary: Vulnerability impact: When curl attempts to download files from a malicious FTP server, it triggers an infinite loop in the code execution. I discovered this issue in the FTP functionality of the curl project .As described in...

7.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.4 views

TencentOS Server 3: container-tools:rhel8 (TSSA-2025:0301)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0301 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

7.5CVSS6.9AI score0.00868EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/18 12:0 a.m.4 views

SolarWinds Serv-U 路径遍历漏洞

SolarWinds Serv-U is an FTP File Transfer Protocol server software from SolarWinds Corporation. SolarWinds Serv-U suffers from a path traversal vulnerability that stems from a path restriction bypass, which could allow an attacker with administrator privileges to execute code in a directory...

9.1CVSS7.2AI score0.00984EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/17 12:0 a.m.4 views

Maxum Rumpus FTP Server 跨站脚本漏洞

Maxum Rumpus FTP Server is an FTP server software from Maxum. A cross-site scripting vulnerability exists in Maxum Rumpus FTP Server version 9.0.12, which stems from improper input neutralization and could lead to cross-site scripting attacks...

6.1CVSS6AI score0.00149EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/17 12:0 a.m.3 views

Maxum Rumpus FTP Server 输入验证错误漏洞

Maxum Rumpus FTP Server is an FTP server software from Maxum. An input validation error vulnerability exists in Maxum Rumpus FTP Server version 9.0.12 that stems from improper input validation...

9.8CVSS6.8AI score0.0022EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/14 10:52 p.m.12 views

CVE-2018-25125 Netis DL4322D RTK 2.1.1 FTP Service DoS

Netis ADSL Router DL4322D firmware RTK 2.1.1 contains a buffer overflow vulnerability in the embedded FTP service that allows an authenticated remote user to trigger a denial of service. After logging in to the FTP service, sending an FTP command such as ABOR with an excessively long argument...

8.7CVSS0.00425EPSS
Exploits0References4
EUVD
EUVD
added 2025/11/14 10:52 p.m.4 views

EUVD-2018-21612

Netis ADSL Router DL4322D firmware RTK 2.1.1 contains a buffer overflow vulnerability in the embedded FTP service that allows an authenticated remote user to trigger a denial of service. After logging in to the FTP service, sending an FTP command such as ABOR with an excessively long argument...

8.7CVSS6.8AI score0.00425EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/11/14 12:0 a.m.6 views

Siemens RUGGEDCOM ROS Devices Improper Check for Unusual or Exceptional Conditions (CVE-2021-42020)

The third-party component, in its TFTP functionality fails to check for null terminations in file names. If an attacker were to exploit this, it could result in data corruption, and possibly a hard-fault of the application. This plugin only works with Tenable.ot. Please visit...

7.5CVSS7.4AI score0.00946EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.3 views

Siemens SIMATIC S7-1500 Improper Authentication (CVE-2023-27535)

An authentication bypass vulnerability exists in libcurl 8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain...

5.9CVSS6.7AI score0.01607EPSS
Exploits1References8
Rows per page
Query Builder