CVE-2011-10005

EasyFTP MKD Command buffer overflow

CVSS 6.3 MEDIUMEPSS 3.5%CWE-120

Vexday Risk Score

28Baixo

Decisão SSVC (CISA)

Attend

PoC disponível → acompanhar de perto

CVSS 6.3EPSS 3.5%KEV nãoPoC —Nuclei —Metasploit simPatch —

Ciclo de vida

04 abr 2010Exploit Metasploit disponível

16 jan 2024Publicada no NVD

Recomendação: Planejar correção próxima — já existe PoC pública.

A vulnerability, which was classified as critical, was found in EasyFTP 1.7.0.2. Affected is an unknown function of the component MKD Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250716.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Produtos afetados

n/a · EasyFTP

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://vuldb.com/?ctiid.250716 https://vuldb.com/?id.250716 https://www.exploit-db.com/exploits/17354