EUVD-2026-35177

A vulnerability was determined in TOTOLINK CP450 4.1.0cu.747. This vulnerability affects unknown code of the file /etc/vsftpd.conf of the component vsftpd. This manipulation causes least privilege violation. The attack may be initiated remotely. The exploit has been publicly disclosed and may be...

EUVD-2026-35025

A security vulnerability has been detected in TOTOLINK AC1200 T8 4.1.5cu.8611. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation leads to least privilege violation. The attack may be initiated remotely. The exploit has been disclosed publicly...

Moderate: Red Hat Security Advisory: vsftpd security update

An update for vsftpd is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring Syste...

RHEL 8 : vsftpd (RHSA-2026:4550)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:4550 advisory. The vsftpd packages include a Very Secure File Transfer Protocol FTP daemon, which is used to serve files over a network. Security Fixes: vsftpd:...

Amazon Linux 2 : vsftpd, --advisory ALAS2-2026-3176 (ALAS-2026-3176)

The version of vsftpd installed on the remote host is prior to 3.0.2-25. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3176 advisory. A flaw was found in vsftpd. This vulnerability allows a denial of service DoS via an integer overflow in the ls command parameter...

Amazon Linux 2023 : vsftpd (ALAS2023-2026-1432)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1432 advisory. A flaw was found in vsftpd. This vulnerability allows a denial of service DoS via an integer overflow in the ls command parameter parsing, triggered by a remote, authenticated attacker sending a crafte...

Medium: vsftpd

Issue Overview: A flaw was found in vsftpd. This vulnerability allows a denial of service DoS via an integer overflow in the ls command parameter parsing, triggered by a remote, authenticated attacker sending a crafted STAT command with a specific byte sequence. CVE-2025-14242 Affected Packages:...

RockyLinux 10 : vsftpd (RLSA-2026:0606)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:0606 advisory. vsftpd: vsftpd: Denial of service via integer overflow in ls command parameter parsing CVE-2025-14242 Tenable has extracted the preceding description block...

Linux Distros Unpatched Vulnerability : CVE-2025-14242

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in vsftpd. This vulnerability allows a denial of service DoS via an integer overflow in the ls command parameter parsing, triggered by a remote...

RHEL 10 : vsftpd (RHSA-2026:0606)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:0606 advisory. The vsftpd packages include a Very Secure File Transfer Protocol FTP daemon, which is used to serve files over a network. Security Fixes: vsftpd:...

Exploit for OS Command Injection in Vsftpd_Project Vsftpd

metasploitable-Security-Assessment comprehensive penetration t...

EUVD-2012-2127

Malware in sbrugna...

EUVD-2004-2251

Malware in sbrugna...

EUVD-2021-16991

Malware in sbrugna...

PT-2025-30319

Name of the Vulnerable Software and Affected Versions Linksys E2500 version 3.0.04.002 Description The chroot local user option is enabled in the vsftpd configuration file. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot...

CVE-2025-44657

This CVE affects Linksys EA6350 V2.1.2 where chroot_local_user is enabled in the dynamically generated vsftpd config, enabling potential unauthorized access to system files and privilege escalation, with the device acting as a pivot point on the affected LAN. The vulnerability is driven by the ch...

CVE-2025-44657

In Linksys EA6350 V2.1.2, the chrootlocaluser option is enabled in the dynamically generated vsftpd configuration file. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks...

CVE-2025-44657

In Linksys EA6350 V2.1.2, the chrootlocaluser option is enabled in the dynamically generated vsftpd configuration file. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks...

Elspec G5 Digital Fault Recorder VsFTPd Service Denial of Service (CVE-2021-30047)

Outdated vsftpd service with known DoS issue. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid502820; scriptversion"1.2";...

Exploit for OS Command Injection in Vsftpd_Project Vsftpd

CVE-2011-2523-poc This is a python3 script to exploit the CVE...