cbcvebase.
CVE-2004-1165
published 2005-01-10

CVE-2004-1165: Konqueror 3.3.1 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command…

PriorityP338high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
4.44%
90.2th percentile
Konqueror 3.3.1 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT command.

Affected

10 ranges
VendorProductVersion rangeFixed in
kdekdelibs
kdekdelibs
kdekdelibs
kdekdelibs
kdekdelibs
kdekdelibs
kdekdelibs
kdekdelibs
kdekdelibs
kdekonqueror

CVSS provenance

nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.