CVE-2018-13285

Command injection vulnerability in ftpd in Synology Router Manager SRM before 1.1.7-6941-1 allows remote authenticated users to execute arbitrary OS commands via the 1 MKD or 2 RMD command...

CVE-2011-1575

The STARTTLS implementation in ftpparser.c in Pure-FTPd before 1.0.30 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted FTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext...