VYPR
Medium severity6.2NVD Advisory· Published Apr 5, 2026· Updated Apr 9, 2026

CVE-2019-25683

CVE-2019-25683

Description

FileZilla 3.40.0 contains a denial of service vulnerability in the local search functionality that allows local attackers to crash the application by supplying a malformed path string. Attackers can trigger the crash by entering a crafted path containing 384 'A' characters followed by 'BBBB' and 'CCCC' sequences in the search directory field and initiating a local search operation.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:filezilla-project:filezilla_client:3.40.0:-:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:filezilla-project:filezilla_client:3.40.0:-:*:*:*:*:*:*
    • (no CPE)range: = 3.40.0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.