CVE-2023-53886

Xlight FTP Server 3.9.3.6 Stack Buffer Overflow Vulnerability via Execute Program

CVSS 5.1 MEDIUMEPSS 0.4%CWE-121

Xlight FTP Server 3.9.3.6 contains a stack buffer overflow vulnerability in the 'Execute Program' configuration that allows attackers to crash the application. Attackers can trigger the vulnerability by inserting 294 characters into the program execution configuration, causing a denial of service condition.

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Productos afectados

Xlightftpd · Xlight FTP Server

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.exploit-db.com/exploits/51665 https://www.vulncheck.com/advisories/xlight-ftp-server-stack-buffer-overflow-vulnerability-via-execute-program https://www.xlightftpd.com/