← back
CVE-2018-7573

CVE-2018-7573

EPSS 70.2%
An issue was discovered in FTPShell Client 6.7. A remote FTP server can send 400 characters of 'F' in conjunction with the FTP 220 response code to crash the application; after this overflow, one can run arbitrary code on the victim machine. This is similar to CVE-2009-3364 and CVE-2017-6465.
Affected products
n/a · n/a
public PoCs found4
cve_referencewww.exploit-db.com/exploits/44596/unverifiedcve_referencewww.exploit-db.com/exploits/44968/unverifiedexploitdbwww.exploit-db.com/exploits/44596unverifiedexploitdbwww.exploit-db.com/exploits/44968unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://cxsecurity.com/issue/WLB-2018030011https://www.exploit-db.com/exploits/44596/https://www.exploit-db.com/exploits/44968/