Rumpus Ftp Server vulnerabilities
9 known vulnerabilities affecting rumpus/ftp_server.
Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH4MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2025-55055P2CRITICALCVSS 9.8v9.0.122025-11-17
CVE-2025-55055 [CRITICAL] CWE-78 CVE-2025-55055: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
nvd
CVE-2022-46367P3HIGHCVSS 8.8≥ latest, < 9.0.7.1*2023-01-12
CVE-2022-46367 [HIGH] CWE-352 CVE-2022-46367: Rumpus - FTP server Cross-site request forgery (CSRF) – Privilege escalation vulnerability that may
Rumpus - FTP server Cross-site request forgery (CSRF) – Privilege escalation vulnerability that may allow privilege escalation.
nvd
CVE-2025-55057P3HIGHCVSS 8.8v9.0.122025-11-17
CVE-2025-55057 [HIGH] CWE-352 CVE-2025-55057: Multiple CWE-352 Cross-Site Request Forgery (CSRF)
Multiple CWE-352 Cross-Site Request Forgery (CSRF)
nvd
CVE-2022-46370P3HIGHCVSS 7.5≥ latest, < 9.0.7.1*2023-01-12
CVE-2022-46370 [HIGH] CWE-345 CVE-2022-46370: Rumpus - FTP server version 9.0.7.1 Improper Token Verification– vulnerability may allow bypassing i
Rumpus - FTP server version 9.0.7.1 Improper Token Verification– vulnerability may allow bypassing identity verification.
nvd
CVE-2022-46368P3HIGHCVSS 8.8≥ latest, < 9.0.7.1*2023-01-12
CVE-2022-46368 [HIGH] CWE-352 CVE-2022-46368: Rumpus - FTP server version 9.0.7.1 Cross-site request forgery (CSRF) – vulnerability may allow unau
Rumpus - FTP server version 9.0.7.1 Cross-site request forgery (CSRF) – vulnerability may allow unauthorized action on behalf of authenticated users.
nvd
CVE-2025-55056P4MEDIUMCVSS 6.1v9.0.122025-11-17
CVE-2025-55056 [MEDIUM] CWE-79 CVE-2025-55056: Multiple CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scri
Multiple CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
nvd
CVE-2025-55059P4MEDIUMCVSS 6.1v9.0.122025-11-17
CVE-2025-55059 [MEDIUM] CWE-79 CVE-2025-55059: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
nvd
CVE-2022-39187P4MEDIUMCVSS 6.1≥ latest, < 9.0.7.1*2023-01-12
CVE-2022-39187 [MEDIUM] CWE-79 CVE-2022-39187: Rumpus - FTP server version 9.0.7.1 has a Reflected cross-site scripting (RXSS) vulnerability throug
Rumpus - FTP server version 9.0.7.1 has a Reflected cross-site scripting (RXSS) vulnerability through unspecified vectors.
nvd
CVE-2022-46369P4MEDIUMCVSS 5.4≥ latest, < 9.0.7.1*2023-01-12
CVE-2022-46369 [MEDIUM] CWE-79 CVE-2022-46369: Rumpus - FTP server version 9.0.7.1 Persistent cross-site scripting (PXSS) – vulnerability may allow
Rumpus - FTP server version 9.0.7.1 Persistent cross-site scripting (PXSS) – vulnerability may allow inserting scripts into unspecified input fields.
nvd