📦

xftp

Vendor: netsarang

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 2 Remote Access

Total CVEs 2 Total Indexed

Avg. EPSS 0.55% Exploit Prob.

Latest CVE CVE-2022-27963 Mar 31

Security Vulnerability Index

Page 1 / 1

6.5 CVSS

CVE-2022-27963

RCE

Xftp 7.0.0088p and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file.

EPSS: 0.06%

Severity: MEDIUM

Mar 31, 2022

9.8 CVSS

CVE-2019-17320

RCE

NetSarang XFTP Client 6.0149 and earlier version contains a buffer overflow vulnerability caused by improper boundary checks when copying file name from an attacker controlled FTP server. That leads attacker to execute arbitrary code by sending a crafted filename.

EPSS: 1.03%

Severity: CRITICAL

Oct 10, 2019

Displaying 2 of 2 Total Entries

Total 1 Sections