VYPR
Vendor

Netsarang

Products
6
CVEs
12
Across products
17
Status
Private

Products

6

Recent CVEs

12
  • CVE-2019-17320CriOct 10, 2019
    risk 0.64cvss 9.8epss 0.02

    NetSarang XFTP Client 6.0149 and earlier version contains a buffer overflow vulnerability caused by improper boundary checks when copying file name from an attacker controlled FTP server. That leads attacker to execute arbitrary code by sending a crafted filename.

  • CVE-2017-20203CriOct 9, 2025
    risk 0.60cvss epss 0.01

    NetSarang Xmanager Enterprise 5.0 Build 1232, Xmanager 5.0 Build 1045, Xshell 5.0 Build 1322, Xftp 5.0 Build 1218, and Xlpd 5.0 Build 1220 contain a malicious nssock2.dll that implements a multi-stage, DNS-based backdoor. The dormant library contacts a C2 DNS server via a…

  • CVE-2022-33035HigJun 29, 2022
    risk 0.51cvss 7.8epss 0.00

    XLPD v7.0.0094 and below contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges.

  • CVE-2021-42095HigOct 7, 2021
    risk 0.49cvss 7.5epss 0.01

    Xshell before 7.0.0.76 allows attackers to cause a crash by triggering rapid changes to the title bar.

  • CVE-2022-27966MedMar 31, 2022
    risk 0.42cvss 6.5epss 0.00

    Xshell v7.0.0099 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file.

  • CVE-2022-27965MedMar 31, 2022
    risk 0.42cvss 6.5epss 0.00

    Xlpd v7.0.0094 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file.

  • CVE-2022-27964MedMar 31, 2022
    risk 0.42cvss 6.5epss 0.00

    Xmanager v7.0.0096 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file.

  • CVE-2022-27963MedMar 31, 2022
    risk 0.42cvss 6.5epss 0.00

    Xftp 7.0.0088p and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file.

  • CVE-2023-48795MedDec 18, 2023
    risk 0.39cvss 5.9epss 0.93

    The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently…

  • CVE-2021-37326MedAug 15, 2021
    risk 0.35cvss 5.3epss 0.01

    NetSarang Xshell 7 before Build 0077 includes unintended code strings in paste operations.

  • CVE-2012-1009Feb 14, 2012
    risk 0.03cvss epss 0.03

    NetSarang Xlpd 4 Build 0100 and NetSarang Xmanager Enterprise 4 Build 0186 allow remote attackers to cause a denial of service (daemon crash) via a malformed LPD request.

  • CVE-2006-0148Jan 9, 2006
    risk 0.00cvss epss 0.02

    NetSarang Xlpd 2.1 allows remote attackers to cause a denial of service (crash) via a large number of connections from the same IP address.