Filtered by vendor Ftpshell
Subscribe
Total
8 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3364 | 1 Ftpshell | 1 Ftpshell | 2026-04-23 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in FTPShell Client 4.1 RC2 allows remote FTP servers to execute arbitrary code via a long response to a PASV command. | |||||
| CVE-2009-0349 | 1 Ftpshell | 1 Ftpshell Server | 2026-04-23 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in FTPShell Server 4.3 allows user-assisted remote attackers to cause a denial of service (persistent daemon crash) and possibly execute arbitrary code via a long string in a licensing key (aka .key) file. | |||||
| CVE-2005-2426 | 1 Ftpshell | 1 Ftpshell Server | 2026-04-16 | 2.1 LOW | N/A |
| FTPshell Server 3.38 allows remote authenticated users to cause a denial of service (application crash) by multiple connections and disconnections without using the QUIT command. | |||||
| CVE-2019-25619 | 1 Ftpshell | 1 Ftpshell Server | 2026-04-03 | N/A | 8.4 HIGH |
| FTP Shell Server 6.83 contains a buffer overflow vulnerability in the 'Account name to ban' field that allows local attackers to execute arbitrary code by supplying a crafted string. Attackers can inject shellcode through the account name parameter in the Manage FTP Accounts dialog to overwrite the return address and execute calc.exe or other commands. | |||||
| CVE-2018-25226 | 1 Ftpshell | 1 Ftpshell Server | 2026-03-31 | N/A | 6.2 MEDIUM |
| FTPShell Server 6.83 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the account name field. Attackers can trigger a denial of service by pasting a 417-byte payload into the 'Account name to ban' parameter within the Manage FTP Accounts interface. | |||||
| CVE-2017-6465 | 1 Ftpshell | 1 Ftpshell Client | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| Remote Code Execution was discovered in FTPShell Client 6.53. By default, the client sends a PWD command to the FTP server it is connecting to; however, it doesn't check the response's length, leading to a buffer overflow situation. | |||||
| CVE-2020-18077 | 1 Ftpshell | 1 Ftpshell Server | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A buffer overflow vulnerability in the Virtual Path Mapping component of FTPShell v6.83 allows attackers to cause a denial of service (DoS). | |||||
| CVE-2018-7573 | 1 Ftpshell | 1 Ftpshell Client | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in FTPShell Client 6.7. A remote FTP server can send 400 characters of 'F' in conjunction with the FTP 220 response code to crash the application; after this overflow, one can run arbitrary code on the victim machine. This is similar to CVE-2009-3364 and CVE-2017-6465. | |||||