898 matches found
CVE-2025-6625
CVE-2025-6625 affects Schneider Electric Modicon M340 controllers and several Ethernet/communication modules (e.g., BMXNOR0200H, BMXNGD0100, BMXNOC0401, BMXNOE0100, BMXNOE0110) with an improper input validation flaw that can cause Denial of Service by sending a specially crafted FTP command. Publ...
PT-2025-33644 · Ftp · Ftp
Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: An Improper Input Validation issue exists that may lead to a Denial of Service when a specifically crafted FTP command is sent to the device. Recommendations: At the moment, there is no information...
Linux Distros Unpatched Vulnerability : CVE-2019-9807
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When arbitrary text is sent over an FTP connection and a page reload is initiated, it is possible to create a modal alert message with this text as the content...
CVE-2011-10010
QuickShare File Server 1.2.1 contains a path traversal vulnerability in its FTP service due to improper sanitation of user-supplied file paths. Authenticated users can exploit this flaw by submitting crafted sequences to access or write files outside the intended virtual directory. When the...
CVE-2011-10010
QuickShare File Server 1.2.1 contains a path traversal vulnerability in its FTP service due to improper sanitation of user-supplied file paths. Authenticated users can exploit this flaw by submitting crafted sequences to access or write files outside the intended virtual directory. When the...
QuickShare File Server 安全漏洞
QuickShare File Server is a file sharing server software from QuickShare, Inc. A security vulnerability exists in QuickShare File Server version 1.2.1, which stems from an improperly cleaned path to user-supplied files by the FTP service, which could lead to a path traversal attack...
SRC-2025-0001 : Samsung MagicINFO 9 Server ResponseBootstrappingActivity Exposed Dangerous Method Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO. Authentication is required and SaaS environment needs to be configured. The specific flaw exists within ability to dynamically create FTP accounts. An attack...
BIT-LIBPYTHON-2021-4189
A flaw was found in Python, specifically in the FTP File Transfer Protocol client library in PASV passive mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecti...
CVE-2025-50927
A reflected cross-site scripting XSS vulnerability in the List All FTP User Function in EHCP v20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via injecting a crafted payload into the ftpusername parameter...
CVE-2025-50927
CVE-2025-50927 concerns EHCP v20.04.1.b where the List All FTP User Function is vulnerable to reflected XSS via the ftpusername parameter. Authenticated attackers can inject JavaScript, potentially enabling session hijacking or redirection to malicious sites. Public writeups describe the vulnerab...
freeFTPd 安全漏洞
freeFTPd is an open source FTP File Transfer Protocol server by freeFTPd. A security vulnerability exists in freeFTPd 1.0.10 and earlier versions, which stems from improper boundary checking when handling FTP PASS commands, and could lead to memory corruption and arbitrary code execution...
The vulnerability of the FTP service provided by TOTOLINK N600R and X2000R microprogrammable router software allows attackers to increase their privileges.
The vulnerability of the FTP service provided by TOTOLINK N600R and X2000R microprogrammed router software is related to the improper assignment of privileges. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...
CVE-2025-46118
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139 and in Ruckus ZoneDirector prior to 10.5.1.0.279, where hard-coded credentials for the ftpuser account provide FTP access to the controller, enabling a remote attacker to upload or retrieve arbitrary...
CVE-2025-34129
A command injection vulnerability exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 due to insufficient sanitization of the FTP and NTP Server fields in the service configuration. An attacker with access to the configuration interface can upload a malicio...
LabF WinaXe FTP Client 安全漏洞
LabF WinaXe FTP Client is a tool for file transfer on Windows systems from LabF Corporation. A security vulnerability exists in LabF WinaXe FTP Client version 7.7, which stems from improper boundary checking by the FTP banner parsing function, which could result in a buffer overflow...
Wing FTP Server 安全漏洞
Wing FTP Server is a set of cross-platform FTP server software open-sourced by Wing FTP Server. A security vulnerability exists in Wing FTP Server versions prior to 7.4.4, which originates from loginok.html disclosing the local installation path...
The vulnerability of SAFECAM X300 video recorder software-related microprogramming systems, which stems from the use of default account data, allows a intruder to gain unauthorized access to protected information.
The vulnerability of SAFECAM X300 video recorder software’s microprogramming system is related to the use of default login credentials when connected to an FTP server. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information...
CVE-2024-51984
An authenticated attacker can reconfigure the target device to use an external service such as LDAP or FTP controlled by the attacker. If an existing password is present for an external service, the attacker can force the target device to authenticate to an attacker controlled device using the...
CVE-2025-49197
The application uses a weak password hash function, allowing an attacker to crack the weak password hash to gain access to an FTP user account...
CVE-2025-5549
A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component PASV Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed t...