EUVD-2026-35023

A security flaw has been discovered in D-Link DIR-823G 1.0.2B05. The affected element is an unknown function of the file /etc/vsftpd.conf of the component vsftpd. Performing a manipulation results in least privilege violation. The attack can be initiated remotely. The exploit has been released to...

CVE-1999-0707

The default FTP configuration in HP Visualize Conference allows conference users to send a file to other participants without authorization...

EUVD-2018-9615

Malware in sbrugna...

CVE-2025-34129

CVE-2025-34129 affects LILIN Digital Video Recorder (DVR) devices prior to firmware 2.0b60_20200207. The root cause is insufficient sanitization of the FTP and NTP Server fields in the service configuration, allowing an attacker with access to the configuration interface to upload a malicious XML...

The vulnerability of the set_ftp_cfg() function in the nas.cgi script of the Wavlink AC3000 router’s microprogramming system allows a hacker to circumvent existing security restrictions.

The vulnerability of the setftpcfg function in the nas.cgi script of the Wavlink AC3000 WL-WN533A8 router’s microprogramming system is related to errors in system configuration or settings. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions by...

CVE-2024-39788

Multiple external config control vulnerabilities exist in the nas.cgi setftpcfg functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration...

PT-2024-33239 · Unknown · Automatic Systems Maintenance Slimlane

Name of the Vulnerable Software and Affected Versions: Automatic Systems Maintenance SlimLane 29565 d74ecce0c1081d50546db573a499941b10799fb7 Description: A Cross Site Scripting XSS vulnerability allows a remote attacker to escalate privileges via the FtpConfig.php component. This issue enables an...

AZL-25787 CVE-2023-27535 affecting package cmake for versions less than 3.21.4-13

An authentication bypass vulnerability exists in libcurl 8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain...

CVE-2021-41637

CVE-2021-41637 concerns MELAG FTP Server 2.2.0.4 with weak access control that permits the Everyone group to read the local FTP configuration file, exposing unencrypted passwords of all FTP users. The connected CNVD/CVE entries describe this as an authorization issue rooted in improper file permi...

Improper access control

An incorrect access control vulnerability in the FTP configuration of WiFiRanger devices with firmware version 7.0.8rc3 and earlier allows an attacker with adjacent network access to read the SSH Private Key and log in to the root account...

WAGO IO PLC 758-870 / 750-849 Credential Management / Privilege Separation

WAGO IO PLC 758-870, 750-849, 750-849 vulnerabilities Background According to WAGO’s Web site, WAGO is an international company based in Germany. They operate production facilities in Germany, Switzerland, Poland, China, and India. WAGO maintains offices worldwide. According to WAGO, its products...

Warning! Update Mozilla Firefox to Patch Critical File Stealing Vulnerability

Earlier this week, Mozilla Security researcher Cody Crews discovered a malicious advertisement on a Russian news site that steals local files from a system and upload them to a Ukrainian server without the user ever knowing. The malicious advertisement was exploiting a serious vulnerability in...

CVE-1999-1298

Sysinstall in FreeBSD 2.2.1 and earlier, when configuring anonymous FTP, creates the ftp user without a password and with /bin/date as the shell, which could allow attackers to gain access to certain system resources...