3895 matches found
CVE-2026-49172
Heap-based buffer overflow in Windows FTP Service allows an unauthorized attacker to execute code over a network...
KB5099536: Windows Server 2025 Security Update (July 2026)
The remote Windows host is missing security update 5099536. It is, therefore, affected by multiple vulnerabilities - Integer overflow or wraparound in Windows RDP allows an unauthorized attacker to execute code over a network. CVE-2026-58594 - Heap-based buffer overflow in Windows FTP Service...
KB5099538: Windows 10 version 1809 / Windows Server 2019 Security Update (July 2026)
The remote Windows host is missing security update 5099538. It is, therefore, affected by multiple vulnerabilities - Integer overflow or wraparound in Windows RDP allows an unauthorized attacker to execute code over a network. CVE-2026-58594 - Heap-based buffer overflow in Windows FTP Service...
KB5099540: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (July 2026)
The remote Windows host is missing security update 5099540. It is, therefore, affected by multiple vulnerabilities - Integer overflow or wraparound in Windows RDP allows an unauthorized attacker to execute code over a network. CVE-2026-58594 - Heap-based buffer overflow in Windows FTP Service...
Linux Distros Unpatched Vulnerability : CVE-2026-15146
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Wget does not validate the IP address provided by an FTP PASV response while operating in FTP passive mode. A malicious FTP server, or an HTTP server that...
CVE-2026-59996
A flaw was found in OpenSSH, a widely used tool for secure remote access. When a user attempts to copy files between two different remote systems using the scp command, the file might be incorrectly placed in a directory above the intended destination. This unintended file placement could lead to...
CVE-2026-57850 RustDesk before 1.4.9 Missing Session Scope Enforcement Allows Out-of-Scope Control Message Injection
RustDesk before 1.4.9 does not enforce a session's authorized connection scope on the server side, so a peer granted a limited session type FileTransfer, PortForward, ViewCamera, or Terminal can send control messages and login options reserved for a full Remote session. An authenticated remote pe...
CVE-2026-57850
RustDesk before 1.4.9 fails to enforce a session’s authorized connection scope on the server side. A peer with a limited session type (FileTransfer, PortForward, ViewCamera, or Terminal) can send control messages and login options intended for a full Remote session, enabling actions outside its g...
CVE-2026-15146
GNU Wget does not validate the IP address provided by an FTP PASV response while operating in FTP passive mode. A malicious FTP server, or an HTTP server that redirects to an FTP URL, can exploit this behavior to redirect Wget’s data connection to an arbitrary IP address and port. This allows an...
UBUNTU-CVE-2026-15146
GNU Wget does not validate the IP address provided by an FTP PASV response while operating in FTP passive mode. A malicious FTP server, or an HTTP server that redirects to an FTP URL, can exploit this behavior to redirect Wget’s data connection to an arbitrary IP address and port. This allows an...
FTP Fetch, Bind IPv6 TCP Stager (Windows x86)
Fetch and execute an x86 payload from an FTP server. Listen for an IPv6 connection Windows x86 Module Options msf use payload/cmd/windows/ftp/x86/peinject/bindipv6tcp msf payloadbindipv6tcp show actions ...actions... msf payloadbindipv6tcp set ACTION msf payloadbindipv6tcp show options ...show an...
FTP Fetch, Windows Command Shell, Reverse TCP Stager (RC4 Stage Encryption, Metasm)
Fetch and execute an x86 payload from an FTP server. Spawn a piped command shell staged. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x86/shell/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION msf...
FTP Fetch, Hidden Bind TCP Stager
Fetch and execute an x86 payload from an FTP server. Listen for a connection from a hidden port and spawn a command shell to the allowed host. Module Options msf use payload/cmd/windows/ftp/x86/meterpreter/bindhiddentcp msf payloadbindhiddentcp show actions ...actions... msf payloadbindhiddentcp...
FTP Fetch, Windows shellcode stage, Reverse All-Port TCP Stager
Fetch and execute an x86 payload from an FTP server. Custom shellcode stage. Try to connect back to the attacker, on all possible ports 1-65535, slowly Module Options msf use payload/cmd/windows/ftp/x86/custom/reversetcpallports msf payloadreversetcpallports show actions ...actions... msf...
FTP Fetch, Windows shellcode stage, Reverse TCP Stager
Fetch and execute an x86 payload from an FTP server. Custom shellcode stage. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x86/custom/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show options ...sh...
FTP Fetch, Windows shellcode stage, Windows Reverse HTTPS Stager (winhttp)
Fetch and execute an x86 payload from an FTP server. Custom shellcode stage. Tunnel communication over HTTPS Windows winhttp Module Options msf use payload/cmd/windows/ftp/x86/custom/reversewinhttps msf payloadreversewinhttps show actions ...actions... msf payloadreversewinhttps set ACTION msf...
FTP Fetch, Windows shellcode stage, Reverse TCP Stager with UUID Support
Fetch and execute an x86 payload from an FTP server. Custom shellcode stage. Connect back to the attacker with UUID Support Module Options msf use payload/cmd/windows/ftp/x86/custom/reversetcpuuid msf payloadreversetcpuuid show actions ...actions... msf payloadreversetcpuuid set ACTION msf...
FTP Fetch, Windows shellcode stage, Reverse TCP Stager (DNS)
Fetch and execute an x86 payload from an FTP server. Custom shellcode stage. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x86/custom/reversetcpdns msf payloadreversetcpdns show actions ...actions... msf payloadreversetcpdns set ACTION msf payloadreversetcpdns show...
FTP Fetch, Windows shellcode stage, Windows Reverse HTTP Stager (winhttp)
Fetch and execute an x86 payload from an FTP server. Custom shellcode stage. Tunnel communication over HTTP Windows winhttp Module Options msf use payload/cmd/windows/ftp/x86/custom/reversewinhttp msf payloadreversewinhttp show actions ...actions... msf payloadreversewinhttp set ACTION msf...
FTP Fetch, Windows shellcode stage, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
Fetch and execute an x86 payload from an FTP server. Custom shellcode stage. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x86/custom/reversetcprc4dns msf payloadreversetcprc4dns show actions ...actions... msf payloadreversetcprc4dns set ACTION msf...