3 matches found
CVE-2017-1000218
CVE-2017-1000218 concerns LightFTP 1.1, where a buffer overflow in the writelogentry function can lead to denial of service or remote code execution. The vulnerability description across the sources consistently identifies the affected component and the potential impacts. The CVE language does no...
CVE-2023-24042
CVE-2023-24042 concerns a race condition in LightFTP up to version 2.2 that allows path traversal via a malformed FTP request. The issue stems from a handler thread potentially using an overwritten context->FileName, enabling access to unintended paths. Affected software: LightFTP (versions 1....
CVE-2025-65403
LightFTP v2.0 contains a buffer overflow in the g_cfg.MaxUsers component that enables Denial-of-Service from crafted input. Public entries across multiple feeds confirm the affected version (LightFTP 2.0) and the DoS impact; no remediation or fixed version is identified in the provided documents....