CVE-2011-2523

CVE-2011-2523

EPSS 96.2%

vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.

Affected products

vsftpd · vsftpd

public PoCs found — 51

githubgithub.com/padsalatushal/CVE-2011-2523★ 16 githubgithub.com/Lynk4/CVE-2011-2523★ 5 githubgithub.com/4m3rr0r/CVE-2011-2523-poc★ 4 githubgithub.com/BolivarJ/CVE-2011-2523★ 4 githubgithub.com/nobodyatall648/CVE-2011-2523★ 3 githubgithub.com/cowsecurity/CVE-2011-2523★ 2 githubgithub.com/MFernstrom/OffensivePascal-CVE-2011-2523★ 2 githubgithub.com/Gill-Singh-A/vsFTP-2.3.4-Remote-Root-Shell-Exploit★ 2 githubgithub.com/krill-x7/CVE-2011-2523★ 1 githubgithub.com/cybermads/CVE-2011-2523★ 1 githubgithub.com/vedpakhare/vsftpd-234-vuln-report★ 1 githubgithub.com/ByteForgeFr/CVE-2011-2523★ 1 githubgithub.com/sug4r-wr41th/CVE-2011-2523★ 0 githubgithub.com/JohanMV/explotacion-vsftpd-nmap_Laboratorio_1★ 0 githubgithub.com/lghost256/vsftpd234-exploit★ 0 githubgithub.com/hklabCR/CVE-2011-2523★ 0 githubgithub.com/hajisthabegum/Exploiting-vsFTPd-2.3.4-Backdoor-Vulnerability-Ethical-Hacking-Lab-with-Metasploitable-2-Metasploit★ 0 githubgithub.com/KlyneZyro/Metasploitable2-VAPT-Report★ 0 githubgithub.com/Mirza-22144/Vulnerability-Assessment-Exploitation-Lab★ 0 githubgithub.com/tshaq17/vsftpd-2.3.4---Backdoor-Command-Execution★ 0 githubgithub.com/Efehamzaa/Metasploit-Red-Pentest-Lab★ 0 githubgithub.com/yagnikkrish/metasploitable-penetration-testing-lab★ 0 githubgithub.com/brettsm/vsftpd2.3.4-backdoor-exploit★ 0 githubgithub.com/Tr00jan99/PwnTillDawn-Portal-Walkthrough★ 0 githubgithub.com/Dahalsamir/CVE-2011-2523-exploit★ 0 githubgithub.com/Mithileshan/soc-investigation-lab★ 0 githubgithub.com/IvoAlbacete/Kali-Metasploitable★ 0 githubgithub.com/Amirmuhammadmarvi/network-security-lab★ 0 githubgithub.com/Prafullya-Shandilya/metasploitable-pentest-report★ 0 githubgithub.com/Taisa456/network-security-snort★ 0 githubgithub.com/emilebarnard242/pentest-metasploitable2★ 0 githubgithub.com/HerculesRD/vsftpd2.3.4PyExploit★ 0 githubgithub.com/Gr4ykt/CVE-2011-2523★ 0 githubgithub.com/0xSojalSec/-CVE-2011-2523★ 0 githubgithub.com/0xSojalSec/CVE-2011-2523★ 0 githubgithub.com/XiangSi-Howard/CTF---CVE-2011-2523★ 0 githubgithub.com/vaishnavucv/CVE-2011-2523★ 0 githubgithub.com/Shubham-2k1/Exploit-CVE-2011-2523★ 0 githubgithub.com/Tenor-Z/SmileySploit★ 0 githubgithub.com/0xB0y426/CVE-2011-2523-PoC★ 0 githubgithub.com/AnugiArrawwala/CVE-Research★ 0 githubgithub.com/Lychi3/vsftpd-backdoor★ 0 githubgithub.com/Chathura123git/ethical-hacking-CVE-2011-2523★ 0 githubgithub.com/NitinSukthe-G/OpenVAS-Vulnerability-Assessment-Incident-Response★ 0 githubgithub.com/H4R335HR/vsftpd-234-backdoor★ 0 githubgithub.com/RinAliyeva/metasploitable2-vsftpd-exploitation★ 0 githubgithub.com/Jhatchi/NexaCorp-DFIR-INC-2026-001★ 0 cve_referencepacketstormsecurity.com/files/102745/VSFTPD-2.3.4-Backdoor-Command-Execution.htmlunverified cve_referencepacketstormsecurity.com/files/162145/vsftpd-2.3.4-Backdoor-Command-Execution.htmlunverified exploitdbwww.exploit-db.com/exploits/49757unverified exploitdbwww.exploit-db.com/exploits/17491unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://packetstormsecurity.com/files/162145/vsftpd-2.3.4-Backdoor-Command-Execution.html https://access.redhat.com/security/cve/cve-2011-2523 https://packetstormsecurity.com/files/102745/VSFTPD-2.3.4-Backdoor-Command-Execution.html https://security-tracker.debian.org/tracker/CVE-2011-2523 https://vigilance.fr/vulnerability/vsftpd-backdoor-in-version-2-3-4-10805 https://www.openwall.com/lists/oss-security/2011/07/11/5