← back
CVE-2023-51713

CVE-2023-51713

EPSS 4.2%
Vexday Risk Score
18Low
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS EPSS 4.2%KEV nãoPoC Nuclei simMetasploit Patch
Lifecycle
22 Dec 2023Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/proftpd/proftpd/blob/1.3.8/NEWShttps://github.com/proftpd/proftpd/issues/1683https://github.com/proftpd/proftpd/issues/1683#issuecomment-1712887554https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html