Lucene search
K

898 matches found

CVE
CVE
added 2025/08/18 6:58 a.m.23 views

CVE-2025-6625

CVE-2025-6625 affects Schneider Electric Modicon M340 controllers and several Ethernet/communication modules (e.g., BMXNOR0200H, BMXNGD0100, BMXNOC0401, BMXNOE0100, BMXNOE0110) with an improper input validation flaw that can cause Denial of Service by sending a specially crafted FTP command. Publ...

8.7CVSS7.1AI score0.00455EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/18 12:0 a.m.10 views

PT-2025-33644 · Ftp · Ftp

Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: An Improper Input Validation issue exists that may lead to a Denial of Service when a specifically crafted FTP command is sent to the device. Recommendations: At the moment, there is no information...

8.7CVSS6.3AI score0.00455EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2019-9807

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When arbitrary text is sent over an FTP connection and a page reload is initiated, it is possible to create a modal alert message with this text as the content...

4.3CVSS7.2AI score0.00791EPSS
Exploits1References2
NVD
NVD
added 2025/08/13 9:15 p.m.6 views

CVE-2011-10010

QuickShare File Server 1.2.1 contains a path traversal vulnerability in its FTP service due to improper sanitation of user-supplied file paths. Authenticated users can exploit this flaw by submitting crafted sequences to access or write files outside the intended virtual directory. When the...

9.4CVSS0.01485EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2025/08/13 8:51 p.m.3 views

CVE-2011-10010

QuickShare File Server 1.2.1 contains a path traversal vulnerability in its FTP service due to improper sanitation of user-supplied file paths. Authenticated users can exploit this flaw by submitting crafted sequences to access or write files outside the intended virtual directory. When the...

9.4CVSS6.5AI score0.01485EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/08/13 12:0 a.m.2 views

QuickShare File Server 安全漏洞

QuickShare File Server is a file sharing server software from QuickShare, Inc. A security vulnerability exists in QuickShare File Server version 1.2.1, which stems from an improperly cleaned path to user-supplied files by the FTP service, which could lead to a path traversal attack...

9.4CVSS6.6AI score0.01485EPSS
Exploits0References8
Source Incite
Source Incite
added 2025/08/13 12:0 a.m.138 views

SRC-2025-0001 : Samsung MagicINFO 9 Server ResponseBootstrappingActivity Exposed Dangerous Method Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO. Authentication is required and SaaS environment needs to be configured. The specific flaw exists within ability to dynamically create FTP accounts. An attack...

6.7AI score
Exploits0
OSV
OSV
added 2025/08/11 1:51 p.m.3 views

BIT-LIBPYTHON-2021-4189

A flaw was found in Python, specifically in the FTP File Transfer Protocol client library in PASV passive mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecti...

5.3CVSS6.7AI score0.02511EPSS
Exploits0References11
NVD
NVD
added 2025/08/08 6:15 p.m.5 views

CVE-2025-50927

A reflected cross-site scripting XSS vulnerability in the List All FTP User Function in EHCP v20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via injecting a crafted payload into the ftpusername parameter...

6.3CVSS0.00185EPSS
Exploits2References2
CVE
CVE
added 2025/08/08 12:0 a.m.18 views

CVE-2025-50927

CVE-2025-50927 concerns EHCP v20.04.1.b where the List All FTP User Function is vulnerable to reflected XSS via the ftpusername parameter. Authenticated attackers can inject JavaScript, potentially enabling session hijacking or redirection to malicious sites. Public writeups describe the vulnerab...

6.3CVSS5.5AI score0.00185EPSS
Exploits2References2Affected Software1
CNNVD
CNNVD
added 2025/07/31 12:0 a.m.4 views

freeFTPd 安全漏洞

freeFTPd is an open source FTP File Transfer Protocol server by freeFTPd. A security vulnerability exists in freeFTPd 1.0.10 and earlier versions, which stems from improper boundary checking when handling FTP PASS commands, and could lead to memory corruption and arbitrary code execution...

9.8CVSS7.6AI score0.01712EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2025/07/28 12:0 a.m.5 views

The vulnerability of the FTP service provided by TOTOLINK N600R and X2000R microprogrammable router software allows attackers to increase their privileges.

The vulnerability of the FTP service provided by TOTOLINK N600R and X2000R microprogrammed router software is related to the improper assignment of privileges. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

9CVSS7.1AI score0.00905EPSS
Exploits1References2Affected Software2
OSV
OSV
added 2025/07/21 3:15 p.m.3 views

CVE-2025-46118

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139 and in Ruckus ZoneDirector prior to 10.5.1.0.279, where hard-coded credentials for the ftpuser account provide FTP access to the controller, enabling a remote attacker to upload or retrieve arbitrary...

5.3CVSS6AI score0.00501EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2025/07/16 9:26 p.m.3 views

CVE-2025-34129

A command injection vulnerability exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 due to insufficient sanitization of the FTP and NTP Server fields in the service configuration. An attacker with access to the configuration interface can upload a malicio...

8.7CVSS5.8AI score0.01077EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/07/15 12:0 a.m.2 views

LabF WinaXe FTP Client 安全漏洞

LabF WinaXe FTP Client is a tool for file transfer on Windows systems from LabF Corporation. A security vulnerability exists in LabF WinaXe FTP Client version 7.7, which stems from improper boundary checking by the FTP banner parsing function, which could result in a buffer overflow...

8.7CVSS7AI score0.00757EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/07/10 12:0 a.m.7 views

Wing FTP Server 安全漏洞

Wing FTP Server is a set of cross-platform FTP server software open-sourced by Wing FTP Server. A security vulnerability exists in Wing FTP Server versions prior to 7.4.4, which originates from loginok.html disclosing the local installation path...

10CVSS9AI score0.95343EPSS
Exploits24References4
BDU FSTEC
BDU FSTEC
added 2025/07/04 12:0 a.m.6 views

The vulnerability of SAFECAM X300 video recorder software-related microprogramming systems, which stems from the use of default account data, allows a intruder to gain unauthorized access to protected information.

The vulnerability of SAFECAM X300 video recorder software’s microprogramming system is related to the use of default login credentials when connected to an FTP server. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information...

4.3CVSS5.5AI score0.00239EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2025/06/25 8:15 a.m.3 views

CVE-2024-51984

An authenticated attacker can reconfigure the target device to use an external service such as LDAP or FTP controlled by the attacker. If an existing password is present for an external service, the attacker can force the target device to authenticate to an attacker controlled device using the...

6.8CVSS7.2AI score0.00846EPSS
Exploits0References10Affected Software82
OSV
OSV
added 2025/06/12 3:15 p.m.6 views

CVE-2025-49197

The application uses a weak password hash function, allowing an attacker to crack the weak password hash to gain access to an FTP user account...

7.5CVSS5.8AI score
Exploits0References6
OSV
OSV
added 2025/06/04 1:15 a.m.5 views

CVE-2025-5549

A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component PASV Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed t...

9.8CVSS6.1AI score0.00565EPSS
Exploits1References4
Rows per page
Query Builder