VYPR
Unrated severityNVD Advisory· Published Jan 27, 2021· Updated Aug 3, 2024

CVE-2021-3331

CVE-2021-3331

Description

WinSCP before 5.17.10 allows remote attackers to execute arbitrary programs when the URL handler encounters a crafted URL that loads session settings. (For example, this is exploitable in a default installation in which WinSCP is the handler for sftp:// URLs.)

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • WinSCP/WinSCPdescription
  • Winscp/Winscpllm-fuzzy
    Range: <5.17.10

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.