PT-2026-1438

Name of the Vulnerable Software and Affected Versions H3C M102G HM1A0V200R010 wireless controller H3C BA1500L SWBA1A0V100R006 wireless access point Description A misconfiguration exists in the vsftpd component of the affected devices. This allows remote attackers to gain root-level control over t...

CVE-2025-60262

The CVE-2025-60262 entry applies to H3C M102G HM1A0V200R010 wireless controller and BA1500L SWBA1A0V100R006 wireless access point, due to a misconfiguration in the vsftpd component. The issue allows files uploaded anonymously via FTP to be owned by root, enabling remote attackers to gain root-lev...

PT-2026-1360

Name of the Vulnerable Software and Affected Versions Pterodactyl versions prior to 1.12.0 Description Pterodactyl, a game server management panel, does not terminate existing SFTP connections when a user's access is revoked or their permissions are modified. Specifically, if a user is connected ...

TFTP Fetch, Linux Chmod

Fetch and execute an RISC-V 32-bit payload from a TFTP server. Runs chmod on the specified file with specified mode. Module Options msf use payload/cmd/linux/tftp/riscv32le/chmod msf payloadchmod show actions ...actions... msf payloadchmod set ACTION msf payloadchmod show options ...show and set...

TFTP Fetch, Linux Reboot

Fetch and execute an RISC-V 32-bit payload from a TFTP server. A very small shellcode for rebooting the system using the reboot syscall. This payload is sometimes helpful for testing purposes. Requires CAPSYSBOOT privileges. Module Options msf use payload/cmd/linux/tftp/riscv32le/reboot msf...

TFTP Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an RISC-V 32-bit payload from a TFTP server. Connect back to attacker and spawn a command shell. Module Options msf use payload/cmd/linux/tftp/riscv32le/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf...

TFTP Fetch, Linux Execute Command

Fetch and execute an RISC-V 64-bit payload from a TFTP server. Execute an arbitrary command Module Options msf use payload/cmd/linux/tftp/riscv64le/exec msf payloadexec show actions ...actions... msf payloadexec set ACTION msf payloadexec show options ...show and set options... msf payloadexec ru...

TFTP Fetch, Linux Command Shell, Bind TCP Inline

Fetch and execute an RISC-V 64-bit payload from a TFTP server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/tftp/riscv64le/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show...

TFTP Fetch, Linux Execute Command

Fetch and execute an RISC-V 32-bit payload from a TFTP server. Execute an arbitrary command Module Options msf use payload/cmd/linux/tftp/riscv32le/exec msf payloadexec show actions ...actions... msf payloadexec set ACTION msf payloadexec show options ...show and set options... msf payloadexec ru...

TFTP Fetch, Linux Chmod

Fetch and execute an RISC-V 64-bit payload from a TFTP server. Runs chmod on the specified file with specified mode. Module Options msf use payload/cmd/linux/tftp/riscv64le/chmod msf payloadchmod show actions ...actions... msf payloadchmod set ACTION msf payloadchmod show options ...show and set...

TFTP Fetch, Linux Command Shell, Bind TCP Inline

Fetch and execute an RISC-V 32-bit payload from a TFTP server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/tftp/riscv32le/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show...

EUVD-2026-0709

A flaw has been found in UTT 进取 512W 1.7.7-171114. This affects the function strcpy of the file /goform/formFtpServerDirConfig. Executing manipulation of the argument filename can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used. The...

CVE-2025-48769

Use After Free vulnerability was discovered in fs/vfs/fsrename code of the Apache NuttX RTOS, that due recursive implementation and single buffer use by two different pointer variables allowed arbitrary user provided size buffer reallocation and write to the previously freed heap chunk, that in...

CVE-2025-48768

Vulnerability: Apache NuttX RTOS contains an issue in fs/inode/fs_inoderemove that can enable root inode removal, triggering a debug assert, NULL pointer dereference (architecture-dependent), or denial of service. Affected versions: 10.0.0 through 12.9.9; impact arises for filesystem-based servic...

PT-2026-22157

Name of the Vulnerable Software and Affected Versions FTP GVfs backend affected versions not specified Description A flaw exists in the FTP GVfs backend where a malicious FTP server can exploit the system by providing a crafted passive mode PASV response containing an arbitrary IP address and por...

CVE-2022-50799

Fetch FTP Client 5.8.2 contains a denial of service vulnerability that allows attackers to trigger 100% CPU consumption by sending long server responses. Attackers can send specially crafted FTP server responses exceeding 2K bytes to cause excessive resource utilization and potentially crash the...

CVE-2022-50799 Fetch Softworks Fetch FTP Client 5.8.2 Remote CPU Consumption Denial of Service

Fetch FTP Client 5.8.2 contains a denial of service vulnerability that allows attackers to trigger 100% CPU consumption by sending long server responses. Attackers can send specially crafted FTP server responses exceeding 2K bytes to cause excessive resource utilization and potentially crash the...

PT-2025-54246

Name of the Vulnerable Software and Affected Versions Fetch FTP Client version 5.8.2 Description The Fetch FTP Client is subject to a denial of service condition. Attackers can exploit this by sending long server responses, specifically those exceeding 2K bytes, which leads to 100% CPU consumptio...

Fetch 安全漏洞

Fetch is an FTP file transfer client from Fetch USA. A security vulnerability exists in Fetch version 5.8.2, which stems from consuming 100% CPU while processing an extremely long server response, which may result in a denial of service...

Security Bulletin: Vulnerability in SSH servers which implement file transfer protocols affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in SSH servers which implement file transfer protocols has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to...