Unrated severityNVD Advisory· Published Aug 21, 2009· Updated Jun 16, 2026
CVE-2008-7016
CVE-2008-7016
Description
tnftpd before 20080929 splits large command strings into multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unknown vectors, probably involving a crafted ftp:// link to a tnftpd server.
Affected products
4cpe:2.3:a:luke_mewburn:tnftpd:20040810:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:luke_mewburn:tnftpd:20040810:*:*:*:*:*:*:*
- cpe:2.3:a:luke_mewburn:tnftpd:20061217:*:*:*:*:*:*:*
- cpe:2.3:a:luke_mewburn:tnftpd:20080609:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.