A buffer overflow vulnerability in the Virtual Path Mapping component of FTPShell v6.83 allows attackers to cause a denial of service (DoS).
Max CVSS: 7.5 | EPSS Score: 0.08% | Published: 2021-12-17 | Updated: 2021-12-21

CVE-2018-7573

Public exploit
An issue was discovered in FTPShell Client 6.7. A remote FTP server can send 400 characters of 'F' in conjunction with the FTP 220 response code to crash the application; after this overflow, one can run arbitrary code on the victim machine. This is similar to CVE-2009-3364 and CVE-2017-6465.
Max CVSS: 10.0 | EPSS Score: 88.71% | Published: 2018-03-01 | Updated: 2019-03-01
Remote Code Execution was discovered in FTPShell Client 6.53. By default, the client sends a PWD command to the FTP server it is connecting to; however, it doesn't check the response's length, leading to a buffer overflow situation.
Max CVSS: 9.8 | EPSS Score: 6.61% | Published: 2017-03-10 | Updated: 2017-03-14
Stack-based buffer overflow in FTPShell Client 4.1 RC2 allows remote FTP servers to execute arbitrary code via a long response to a PASV command.
Max CVSS: 9.3 | EPSS Score: 1.36% | Published: 2009-09-24 | Updated: 2017-09-19
Stack-based buffer overflow in FTPShell Server 4.3 allows user-assisted remote attackers to cause a denial of service (persistent daemon crash) and possibly execute arbitrary code via a long string in a licensing key (aka .key) file.
Max CVSS: 9.3 | EPSS Score: 3.69% | Published: 2009-01-29 | Updated: 2017-09-29
FTPshell Server 3.38 allows remote authenticated users to cause a denial of service (application crash) by multiple connections and disconnections without using the QUIT command.
Max CVSS: 2.1 | EPSS Score: 0.65% | Published: 2005-08-03 | Updated: 2017-07-11
6 vulnerabilities found