CVE-2015-7768
50Vexday Risk Score
Patch soon. It has a working public exploit.
ssvc Attendepss 63%
from disclosure to weapon0 days
Published on NVDOct 9
1st PoCSep 21
metasploitAug 23
exploitation probability
63%top 1% of all CVEs
observed exploitation
nono source reports it
6 public exploit(s)
Buffer overflow in Konica Minolta FTP Utility 1.0 allows remote attackers to execute arbitrary code via a long CWD command.
Affected products
n/a · n/apublic PoCs found — 6
cve_referencepacketstormsecurity.com/files/133621/Konica-Minolta-FTP-Utility-1.00-Post-Auth-CWD-Command-SEH-Overflow.htmlunverifiedcve_referencepacketstormsecurity.com/files/137252/Konica-Minolta-FTP-Utility-1.0-SEH-Buffer-Overflow.htmlunverifiedcve_referencewww.exploit-db.com/exploits/38254/unverifiedcve_referencewww.exploit-db.com/exploits/39215/unverifiedexploitdbwww.exploit-db.com/exploits/38254unverifiedexploitdbwww.exploit-db.com/exploits/39215unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://packetstormsecurity.com/files/133621/Konica-Minolta-FTP-Utility-1.00-Post-Auth-CWD-Command-SEH-Overflow.htmlhttp://packetstormsecurity.com/files/137252/Konica-Minolta-FTP-Utility-1.0-SEH-Buffer-Overflow.htmlhttps://www.exploit-db.com/exploits/38254/https://www.exploit-db.com/exploits/39215/http://www.rapid7.com/db/modules/exploit/windows/ftp/kmftp_utility_cwd