160 matches found
Astra Linux – Vulnerability in libcommons-net-java
Prior to Apache Commons Net 3.9.0, Net’s FTP client trusted the host based on the PASV response by default. A malicious server could redirect the Commons Net code to use a different host, but the user had to connect to the malicious server in the first place. This could result in the leakage of...
OESA-2026-2669 gvfs security update
Gvfs is a userspace virtual filesystem implementation for GIO a library available in GLib. It comes with a set of backends, including trash support, SFTP, SMB, HTTP, DAV, and many others. Gvfs also contains modules for GIO that implement volume monitors and persistent metadata storage. Security...
SUSE CVE-2026-48858
Server-Side Request Forgery SSRF vulnerability in Erlang/OTP ftp ftpinternal module allows FTP bounce attacks and SSRF via an unvalidated PASV response IP address. The ftpinternal:handlectrlresult/2 PASV handler mode=passive, ipfamily=inet, ftpextension=false extracts the IP address from the...
FreeBSD : Erlang/OTP -- FTP passive-mode client does not validate server response IP (d87e0681-64d4-11f1-ab11-4c526214c986)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the d87e0681-64d4-11f1-ab11-4c526214c986 advisory. https://github.com/erlang/otp/security/advisories/GHSA-24cv-hwgr-37fq reports: The FTP client in passiv...
CVE-2026-48858
Server-Side Request Forgery SSRF vulnerability in Erlang/OTP ftp ftpinternal module allows FTP bounce attacks and SSRF via an unvalidated PASV response IP address. The ftpinternal:handlectrlresult/2 PASV handler mode=passive, ipfamily=inet, ftpextension=false extracts the IP address from the...
CVE-2026-48858 ftp client PASV response IP not validated against control peer, enabling SSRF and FTP bounce attacks
Server-Side Request Forgery SSRF vulnerability in Erlang/OTP ftp ftpinternal module allows FTP bounce attacks and SSRF via an unvalidated PASV response IP address. The ftpinternal:handlectrlresult/2 PASV handler mode=passive, ipfamily=inet, ftpextension=false extracts the IP address from the...
CVE-2026-48858 ftp client PASV response IP not validated against control peer, enabling SSRF and FTP bounce attacks
Server-Side Request Forgery SSRF vulnerability in Erlang/OTP ftp ftpinternal module allows FTP bounce attacks and SSRF via an unvalidated PASV response IP address. The ftpinternal:handlectrlresult/2 PASV handler mode=passive, ipfamily=inet, ftpextension=false extracts the IP address from the...
CVE-2026-48858
The CVE-2026-48858 entry describes a Server-Side Request Forgery (SSRF) flaw in Erlang/OTP ftp’s PASV path: the ftp_internal PASV handler accepts the server’s 227 response IP and passes it to gen_tcp:connect without validating it against the control connection peer, unlike EPSV handlers. This ena...
EEF-CVE-2026-48858 ftp client PASV response IP not validated against control peer, enabling SSRF and FTP bounce attacks
Summary Server-Side Request Forgery SSRF vulnerability in Erlang/OTP ftp ftp\internal module allows FTP bounce attacks and SSRF via an unvalidated PASV response IP address. The ftp\internal:handle\ctrl\result/2 PASV handler mode=passive, ipfamily=inet, ftp\extension=false extracts the IP address...
PT-2026-48465
Summary Server-Side Request Forgery SSRF vulnerability in Erlang/OTP ftp ftp internal module allows FTP bounce attacks and SSRF via an unvalidated PASV response IP address. The ftp internal:handle ctrl result/2 PASV handler mode=passive, ipfamily=inet, ftp extension=false extracts the IP address...
Erlang/OTP -- FTP passive-mode client does not validate server response IP
https://github.com/erlang/otp/security/advisories/GHSA-24cv-hwgr-37fq reports: The FTP client in passive mode did not validate the IP address returned in the server's response, allowing a compromised or malicious server to redirect the data connection to an arbitrary host. This enables server-sid...
BIT-PYTHON-2026-8328 FTP PASV SSRF, ftpcp() does not use actual peer address, trusts server-supplied PASV host address
The ftpcp function in Lib/ftplib.py was not updated when CVE-2021-4189 was fixed. While makepasv was patched to replace server-supplied PASV host addresses with the actual peer address getpeername0, ftpcp still calls parse227 directly and passes the raw attacker-controllable IP address and port t...
BIT-LIBPYTHON-2026-8328 FTP PASV SSRF, ftpcp() does not use actual peer address, trusts server-supplied PASV host address
The ftpcp function in Lib/ftplib.py was not updated when CVE-2021-4189 was fixed. While makepasv was patched to replace server-supplied PASV host addresses with the actual peer address getpeername0, ftpcp still calls parse227 directly and passes the raw attacker-controllable IP address and port t...
Astra Linux - уязвимость в curl
A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port. In this way, the malicious server can potentially enable curl to extract information about services that would otherwise be private and undisclosed. This could...
Astra Linux - уязвимость в python2.7, python3.7
A flaw was discovered in Python, specifically in the FTP File Transfer Protocol client library when operating in PASV passive mode. The issue arises from how the FTP client defaults to trusting the host based on the PASV response. This flaw allows an attacker to create a malicious FTP server that...
FTP PASV SSRF, ftpcp() does not use actual peer address, trusts server-supplied PASV host address
...
OESA-2026-2323 gvfs security update
Gvfs is a userspace virtual filesystem implementation for GIO a library available in GLib. It comes with a set of backends, including trash support, SFTP, SMB, HTTP, DAV, and many others. Gvfs also contains modules for GIO that implement volume monitors and persistent metadata storage. Security...
OESA-2026-2322 gvfs security update
Gvfs is a userspace virtual filesystem implementation for GIO a library available in GLib. It comes with a set of backends, including trash support, SFTP, SMB, HTTP, DAV, and many others. Gvfs also contains modules for GIO that implement volume monitors and persistent metadata storage. Security...
Linux Distros Unpatched Vulnerability : CVE-2026-8328
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ftpcp function in Lib/ftplib.py was not updated when CVE-2021-4189 was fixed. While makepasv was patched to replace server-supplied PASV host addresses with...
CVE-2026-8328
The connected documents identify CVE-2026-8328 as a Python Lib/ftplib.py issue: ftpcp() was not updated when CVE-2021-4189 was fixed. While makepasv() now replaces server-supplied PASV host addresses with the actual peer address (getpeername()[0]), ftpcp() still calls parse227() directly and forw...