FTP
by FTP
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-125114 | Hig | 0.61 | — | 0.01 | Jul 25, 2025 | A stack-based buffer overflow vulnerability exists in i-Ftp version 2.20 due to improper handling of the Time attribute within Schedule.xml. By placing a specially crafted Schedule.xml file in the i-Ftp application directory, a remote attacker can trigger a buffer overflow… | ||
| CVE-2025-34299 | 0.09 | — | 0.73 | Nov 7, 2025 | Monsta FTP versions 2.11 and earlier contain a vulnerability that allows unauthenticated arbitrary file uploads. This flaw enables attackers to execute arbitrary code by uploading a specially crafted file from a malicious (S)FTP server. | |||
| CVE-2023-22551 | 0.01 | — | 0.02 | Jan 1, 2023 | The FTP (aka "Implementation of a simple FTP client and server") project through 96c1a35 allows remote attackers to cause a denial of service (memory consumption) by engaging in client activity, such as establishing and then terminating a connection. This occurs because malloc… | |||
| CVE-1999-0082 | 0.01 | — | 0.08 | Nov 11, 1988 | CWD ~root command in ftpd allows root access. | |||
| CVE-2019-25614 | 0.00 | — | 0.01 | Mar 22, 2026 | Free Float FTP 1.0 contains a buffer overflow vulnerability in the STOR command handler that allows remote attackers to execute arbitrary code by sending a crafted STOR request with an oversized payload. Attackers can authenticate with anonymous credentials and send a malicious… | |||
| CVE-1999-1078 | 0.00 | — | 0.02 | Jul 29, 1999 | WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges. | |||
| CVE-1999-0081 | 0.00 | — | 0.02 | Jan 11, 1997 | wu-ftp allows files to be overwritten via the rnfr command. | |||
| CVE-1999-0201 | 0.00 | — | 0.06 | Jan 1, 1997 | A quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user. |
- risk 0.61cvss —epss 0.01
A stack-based buffer overflow vulnerability exists in i-Ftp version 2.20 due to improper handling of the Time attribute within Schedule.xml. By placing a specially crafted Schedule.xml file in the i-Ftp application directory, a remote attacker can trigger a buffer overflow…
- CVE-2025-34299Nov 7, 2025risk 0.09cvss —epss 0.73
Monsta FTP versions 2.11 and earlier contain a vulnerability that allows unauthenticated arbitrary file uploads. This flaw enables attackers to execute arbitrary code by uploading a specially crafted file from a malicious (S)FTP server.
- CVE-2023-22551Jan 1, 2023risk 0.01cvss —epss 0.02
The FTP (aka "Implementation of a simple FTP client and server") project through 96c1a35 allows remote attackers to cause a denial of service (memory consumption) by engaging in client activity, such as establishing and then terminating a connection. This occurs because malloc…
- CVE-1999-0082Nov 11, 1988risk 0.01cvss —epss 0.08
CWD ~root command in ftpd allows root access.
- CVE-2019-25614Mar 22, 2026risk 0.00cvss —epss 0.01
Free Float FTP 1.0 contains a buffer overflow vulnerability in the STOR command handler that allows remote attackers to execute arbitrary code by sending a crafted STOR request with an oversized payload. Attackers can authenticate with anonymous credentials and send a malicious…
- CVE-1999-1078Jul 29, 1999risk 0.00cvss —epss 0.02
WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges.
- CVE-1999-0081Jan 11, 1997risk 0.00cvss —epss 0.02
wu-ftp allows files to be overwritten via the rnfr command.
- CVE-1999-0201Jan 1, 1997risk 0.00cvss —epss 0.06
A quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user.