A buffer overflow vulnerability in the Virtual Path Mapping component of FTPShell v6.83 allows attackers to cause a denial of service (DoS).
Max CVSS
7.5
EPSS Score
0.08%
Published
2021-12-17
Updated
2021-12-21

CVE-2018-7573

Public exploit
An issue was discovered in FTPShell Client 6.7. A remote FTP server can send 400 characters of 'F' in conjunction with the FTP 220 response code to crash the application; after this overflow, one can run arbitrary code on the victim machine. This is similar to CVE-2009-3364 and CVE-2017-6465.
Max CVSS
10.0
EPSS Score
88.71%
Published
2018-03-01
Updated
2019-03-01
Remote Code Execution was discovered in FTPShell Client 6.53. By default, the client sends a PWD command to the FTP server it is connecting to; however, it doesn't check the response's length, leading to a buffer overflow situation.
Max CVSS
9.8
EPSS Score
6.61%
Published
2017-03-10
Updated
2017-03-14
Stack-based buffer overflow in FTPShell Client 4.1 RC2 allows remote FTP servers to execute arbitrary code via a long response to a PASV command.
Max CVSS
9.3
EPSS Score
1.57%
Published
2009-09-24
Updated
2017-09-19
Stack-based buffer overflow in FTPShell Server 4.3 allows user-assisted remote attackers to cause a denial of service (persistent daemon crash) and possibly execute arbitrary code via a long string in a licensing key (aka .key) file.
Max CVSS
9.3
EPSS Score
3.69%
Published
2009-01-29
Updated
2017-09-29
FTPshell Server 3.38 allows remote authenticated users to cause a denial of service (application crash) by multiple connections and disconnections without using the QUIT command.
Max CVSS
2.1
EPSS Score
0.65%
Published
2005-08-03
Updated
2017-07-11
6 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!