VYPR

Client

by Ftpshell

CVEs (3)

  • CVE-2018-7573CriMar 1, 2018
    risk 0.72cvss 9.8epss 0.70

    An issue was discovered in FTPShell Client 6.7. A remote FTP server can send 400 characters of 'F' in conjunction with the FTP 220 response code to crash the application; after this overflow, one can run arbitrary code on the victim machine. This is similar to CVE-2009-3364 and…

  • CVE-2017-6465CriMar 10, 2017
    risk 0.71cvss 9.8epss 0.50

    Remote Code Execution was discovered in FTPShell Client 6.53. By default, the client sends a PWD command to the FTP server it is connecting to; however, it doesn't check the response's length, leading to a buffer overflow situation.

  • CVE-2009-3364Sep 24, 2009
    risk 0.03cvss epss 0.05

    Stack-based buffer overflow in FTPShell Client 4.1 RC2 allows remote FTP servers to execute arbitrary code via a long response to a PASV command.