CVE-2026-22320

A stack-based buffer overflow in the CLI's TFTP file‑transfer command handling allows a low-privileged attacker with Telnet/SSH access to trigger memory corruption by supplying unexpected or oversized filename input. Exploitation results in the corruption of the internal buffer, causing the CLI a...

CVE-2026-21620 TFTP Path Traversal

Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...

PT-2026-7890

Name of the Vulnerable Software and Affected Versions Open TFTP Server MultiThreaded version 1.7 Description A heap buffer overflow exists in the processRequest function of Open TFTP Server MultiThreaded. This issue can be triggered by sending a crafted DATA packet, potentially leading to a Denia...

CVE-2021-31885

A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and...

TFTP Fetch, Linux Command Shell, Bind TCP Inline

Fetch and execute an RISC-V 32-bit payload from a TFTP server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/tftp/riscv32le/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show...

CVE-2020-12504

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT all versions and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an acti...

curl: heap buffer overflow in function tftp_receive_packet()

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3...

How to Load Balance Trivial File Transfer Protocol Servers

This article describes how to load balance a Trivial File Transfer Protocol TFTP server using Reverse Network Address Translation RNAT and Use Source IP USIP. TFTP is simple file transport protocol. It uses User Datagram Protocol UDP port 69 as a transport protocol and is typically implemented on...

TFTP Detection

The remote host has a TFTP server running. TFTP stands for Trivial File Transfer Protocol. SPDX-FileCopyrightText: 2009 Vlatko Kosturjak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

TFTP Directory Traversal Vulnerabilities - Active Check

The TFTP Trivial File Transfer Protocol allows remote users to read files without having to log in. This may be a big security flaw, especially if tftpd the TFTP server is not well configured by the admin of the remote host. SPDX-FileCopyrightText: 2005 Michel Arboi Some text descriptions might b...

Cisco TFTP Server Long Filename DoS (CSCdy03429)

Trivial File Transfer Protocol TFTP is a protocol which allows for easy transfer of files between network connected devices. A vulnerability has been discovered in the processing of filenames within a TFTP read request when Cisco IOS is configured to act as a TFTP server. This vulnerability is...

CVE-2001-1484

Alcatel ADSL modems allow remote attackers to access the Trivial File Transfer Protocol TFTP to modify firmware and configuration via a bounce attack from a system on the local area network LAN side, which is allowed to access TFTP without authentication...

Alcatel ADSL modems grant unauthenticated TFTP access via Bounce Attacks

Overview The San Diego Supercomputer Center SDSC has recently discovered several vulnerabilities in the Alcatel Speed Touch line of Asymmetric Digital Subscriber Line ADSL modems. These vulnerabilities are the result of weak authentication and access control policies and result in one or more of...