Unrated severityNVD Advisory· Published Aug 20, 2025· Updated Apr 7, 2026

ProFTPD 1.3.3c Backdoor Command Execution

CVE-2010-20103

Description

A malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed between November 28 and December 2, 2010. The backdoor implements a hidden FTP command trigger that, when invoked, causes the server to execute arbitrary shell commands with root privileges. This allows remote, unauthenticated attackers to run any OS command on the FTP server host.

Affected products

Proftpd/Proftpdllm-fuzzy
Range: =1.3.3c
ProFTPD Project/ProFTPD (Professional FTP Daemon)v5
Range: 1.3.3c

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/ftp/proftpd_133c_backdoor.rbmitreexploit
www.exploit-db.com/exploits/15662mitreexploit
www.exploit-db.com/exploits/16921mitreexploit
advisories.checkpoint.com/defense/advisories/public/2011/cpai-2010-151.html/mitrethird-party-advisory
web.archive.org/web/20111107212129/http://rsync.proftpd.org/mitrevendor-advisorypatch
www.vulncheck.com/advisories/proftpd-backdoor-command-executionmitrethird-party-advisory
www.proftpd.orgmitreproduct

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.068
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000