13 matches found

Positive Technologies
added 2026/06/09 12:0 a.m., 11 views

PT-2026-47632

A security flaw has been discovered in TOTOLINK EX200 4.0.3c.7646. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation results in least privilege violation. It is possible to launch the attack remotely. The exploit has been released to the publi...

CVSS 6.9, AI score 5.5, EPSS 0.00285
Exploits: 0, References: 7

Vulnrichment
added 2026/04/21 12:1 p.m., 2 views

CVE-2026-32147 SFTP chroot bypass via path traversal in SSH_FXP_FSETSTAT

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to modify file attributes outside the configured chroot directory. The SFTP daemon sshsftpd stores the raw, user-supplied path in file...

CVSS 5.3, AI score 5.8, EPSS 0.00354
Exploits: 0, References: 5

Cvelist
added 2026/01/30 10:7 p.m., 21 views

CVE-2020-37029 FTPDummy 4.80 - Local Buffer Overflow

FTPDummy 4.80 contains a local buffer overflow vulnerability in its preference file handling that allows attackers to execute arbitrary code. Attackers can craft a malicious preference file with carefully constructed shellcode to trigger a structured exception handler overwrite and execute system...

CVSS 8.4, EPSS 0.00157
Exploits: 0, References: 3

OSV
added 2026/01/15 9:11 a.m., 5 views

RLSA-2026:0608 Moderate: vsftpd security update

The vsftpd packages include a Very Secure File Transfer Protocol FTP daemon, which is used to serve files over a network. Security Fixes: vsftpd: vsftpd: Denial of service via integer overflow in ls command parameter parsing CVE-2025-14242 For more details about the security issues, including the...

CVSS 6.5, AI score 7.2, EPSS 0.00737
Exploits: 0, References: 2

CVE
added 2026/01/14 3:23 p.m., 37 views

CVE-2025-14242

CVE-2025-14242 affects the FTP daemon vsftpd. The vulnerability is a Denial of Service caused by an integer overflow in the parsing of the ls command parameter, exploitable by a remote, authenticated attacker sending a crafted STAT command with a specific byte sequence. The provided documents co...

CVSS 6.5, AI score 6.3, EPSS 0.00737
Exploits: 0, References: 14

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2010-5307

Malware in sbrugna...

CVSS 9.3, AI score 6.4, EPSS 0.0086
Exploits: 0, References: 8

NVD
added 2025/08/09 4:15 p.m., 23 views

CVE-2025-8758

A vulnerability was found in TRENDnet TEW-822DRE FW103B02. It has been classified as problematic. This affects an unknown part of the component vsftpd. The manipulation leads to least privilege violation. Attacking locally is a requirement. The complexity of an attack is rather high. The...

CVSS 7.3, EPSS 0.00147
Exploits: 0, References: 4

Cvelist
added 2025/08/09 4:2 p.m., 30 views

CVE-2025-8758 TRENDnet TEW-822DRE vsftpd least privilege violation

A vulnerability was found in TRENDnet TEW-822DRE FW103B02. It has been classified as problematic. This affects an unknown part of the component vsftpd. The manipulation leads to least privilege violation. Attacking locally is a requirement. The complexity of an attack is rather high. The...

CVSS 7.3, EPSS 0.00147
Exploits: 0, References: 4

CNNVD
added 2023/08/14 12:0 a.m., 3 views

GNU Inetutils Security Vulnerability

GNU Inetutils is a collection of network tools from the GNU Project that contains common network management programs such as traceroute, hostname, ifconfig, and others. The toolset is mainly used for functions such as network diagnostics, configuration and system information query. An elevation o...

CVSS 7.8, AI score 7.1, EPSS 0.0039
Exploits: 1, References: 7

SUSE CVE
added 2023/02/15 5:54 a.m., 4 views

SUSE CVE-2011-0988

pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and SP4, and Enterprise Desktop 10 SP3 and SP4, when running OES Netware extensions, creates a world-writeable directory, which allows local users to overwrite arbitrary files and gain privileges via unspecified vectors...

CVSS 4.4, AI score 7.1, EPSS 0.00344
Exploits: 0, References: 4

CNVD
added 2019/04/03 12:0 a.m., 4 views

Synology Router Manager Command Injection Vulnerability (CNVD-2019-08959)

Synology Router Manager SRM is a software for configuring and managing Synology routers from Synology Inc. of Taiwan, China. A command injection vulnerability exists in ftpd in Synology SRM versions prior to 1.1.7-6941-1. The vulnerability, which originates from a failure of a network system or...

CVSS 9, AI score 7.8, EPSS 0.02308
Exploits: 0, References: 1

BDU FSTEC
added 2018/05/11 12:0 a.m., 3 views

The vulnerability of the FTP server Tiny FTP Daemon, which allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the FTP server Tiny FTP Daemon arises due to buffer overflow. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures or execute arbitrary code...

CVSS 10, AI score 6.3, EPSS 0.0323
Exploits: 0, References: 3, Affected Software: 1

BDU FSTEC
added 2015/04/28 12:0 a.m., 4 views

Vulnerabilities in the Debian GNU/Linux operating system that allow a local malicious individual to compromise the confidentiality, integrity, and accessibility of protected information

The numerous vulnerabilities in the ftpd package of the Debian GNU/Linux operating system can be exploited, leading to a violation of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited by local malicious individuals...

CVSS 4.6, AI score 5.4, EPSS 0.00368
Exploits: 0, References: 3, Affected Software: 1