cbcvebase.

Easyftp Server Project Easyftp Server vulnerabilities

3 known vulnerabilities affecting easyftp_server_project/easyftp_server.

Total CVEs
3
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1

Vulnerabilities

Page 1 of 1
CVE-2010-20121P2CRITICALCVSS 9.8PoCfixed in 1.7.0.122025-08-21
CVE-2010-20121 [CRITICAL] CWE-121 CVE-2010-20121: EasyFTP Server versions up to 1.7.0.11 contain a stack-based buffer overflow vulnerability in the FT EasyFTP Server versions up to 1.7.0.11 contain a stack-based buffer overflow vulnerability in the FTP command parser. When processing the CWD (Change Working Directory) command, the server fails to properly validate the length of the input string, allowing attackers to overwrite memory on the stack. This flaw enables remote code execution without
nvd
CVE-2010-20113P2CRITICALCVSS 9.8PoCfixed in 1.7.0.122025-08-21
CVE-2010-20113 [CRITICAL] CWE-121 CVE-2010-20113: EasyFTP Server 1.7.0.11 and earlier contains a stack-based buffer overflow vulnerability in its HTTP EasyFTP Server 1.7.0.11 and earlier contains a stack-based buffer overflow vulnerability in its HTTP interface. When processing a GET request to list.html, the server fails to properly validate the length of the path parameter. Supplying an excessively long value causes a buffer overflow on the stack, potentially corrupting control flow structures
nvd
CVE-2011-10005P2HIGHCVSS 8.8PoCv1.7.0.22024-01-16
CVE-2011-10005 [HIGH] CWE-120 CVE-2011-10005: A vulnerability, which was classified as critical, was found in EasyFTP 1.7.0.2. Affected is an unkn A vulnerability, which was classified as critical, was found in EasyFTP 1.7.0.2. Affected is an unknown function of the component MKD Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250716.
nvd
Easyftp Server Project Easyftp Server vulnerabilities | cvebase