CVE-2011-2523

CVE-2011-2523

EPSS 96.2%

vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.

Produtos afetados

vsftpd · vsftpd

PoCs públicas encontradas — 51

githubgithub.com/padsalatushal/CVE-2011-2523★ 16 githubgithub.com/Lynk4/CVE-2011-2523★ 5 githubgithub.com/4m3rr0r/CVE-2011-2523-poc★ 4 githubgithub.com/BolivarJ/CVE-2011-2523★ 4 githubgithub.com/nobodyatall648/CVE-2011-2523★ 3 githubgithub.com/cowsecurity/CVE-2011-2523★ 2 githubgithub.com/MFernstrom/OffensivePascal-CVE-2011-2523★ 2 githubgithub.com/Gill-Singh-A/vsFTP-2.3.4-Remote-Root-Shell-Exploit★ 2 githubgithub.com/krill-x7/CVE-2011-2523★ 1 githubgithub.com/cybermads/CVE-2011-2523★ 1 githubgithub.com/vedpakhare/vsftpd-234-vuln-report★ 1 githubgithub.com/ByteForgeFr/CVE-2011-2523★ 1 githubgithub.com/sug4r-wr41th/CVE-2011-2523★ 0 githubgithub.com/JohanMV/explotacion-vsftpd-nmap_Laboratorio_1★ 0 githubgithub.com/lghost256/vsftpd234-exploit★ 0 githubgithub.com/hklabCR/CVE-2011-2523★ 0 githubgithub.com/hajisthabegum/Exploiting-vsFTPd-2.3.4-Backdoor-Vulnerability-Ethical-Hacking-Lab-with-Metasploitable-2-Metasploit★ 0 githubgithub.com/KlyneZyro/Metasploitable2-VAPT-Report★ 0 githubgithub.com/Mirza-22144/Vulnerability-Assessment-Exploitation-Lab★ 0 githubgithub.com/tshaq17/vsftpd-2.3.4---Backdoor-Command-Execution★ 0 githubgithub.com/Efehamzaa/Metasploit-Red-Pentest-Lab★ 0 githubgithub.com/yagnikkrish/metasploitable-penetration-testing-lab★ 0 githubgithub.com/brettsm/vsftpd2.3.4-backdoor-exploit★ 0 githubgithub.com/Tr00jan99/PwnTillDawn-Portal-Walkthrough★ 0 githubgithub.com/Dahalsamir/CVE-2011-2523-exploit★ 0 githubgithub.com/Mithileshan/soc-investigation-lab★ 0 githubgithub.com/IvoAlbacete/Kali-Metasploitable★ 0 githubgithub.com/Amirmuhammadmarvi/network-security-lab★ 0 githubgithub.com/Prafullya-Shandilya/metasploitable-pentest-report★ 0 githubgithub.com/Taisa456/network-security-snort★ 0 githubgithub.com/emilebarnard242/pentest-metasploitable2★ 0 githubgithub.com/HerculesRD/vsftpd2.3.4PyExploit★ 0 githubgithub.com/Gr4ykt/CVE-2011-2523★ 0 githubgithub.com/0xSojalSec/-CVE-2011-2523★ 0 githubgithub.com/0xSojalSec/CVE-2011-2523★ 0 githubgithub.com/XiangSi-Howard/CTF---CVE-2011-2523★ 0 githubgithub.com/vaishnavucv/CVE-2011-2523★ 0 githubgithub.com/Shubham-2k1/Exploit-CVE-2011-2523★ 0 githubgithub.com/Tenor-Z/SmileySploit★ 0 githubgithub.com/0xB0y426/CVE-2011-2523-PoC★ 0 githubgithub.com/AnugiArrawwala/CVE-Research★ 0 githubgithub.com/Lychi3/vsftpd-backdoor★ 0 githubgithub.com/Chathura123git/ethical-hacking-CVE-2011-2523★ 0 githubgithub.com/NitinSukthe-G/OpenVAS-Vulnerability-Assessment-Incident-Response★ 0 githubgithub.com/H4R335HR/vsftpd-234-backdoor★ 0 githubgithub.com/RinAliyeva/metasploitable2-vsftpd-exploitation★ 0 githubgithub.com/Jhatchi/NexaCorp-DFIR-INC-2026-001★ 0 cve_referencepacketstormsecurity.com/files/102745/VSFTPD-2.3.4-Backdoor-Command-Execution.htmlnão verificado cve_referencepacketstormsecurity.com/files/162145/vsftpd-2.3.4-Backdoor-Command-Execution.htmlnão verificado exploitdbwww.exploit-db.com/exploits/49757não verificado exploitdbwww.exploit-db.com/exploits/17491não verificado

⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://packetstormsecurity.com/files/162145/vsftpd-2.3.4-Backdoor-Command-Execution.html https://access.redhat.com/security/cve/cve-2011-2523 https://packetstormsecurity.com/files/102745/VSFTPD-2.3.4-Backdoor-Command-Execution.html https://security-tracker.debian.org/tracker/CVE-2011-2523 https://vigilance.fr/vulnerability/vsftpd-backdoor-in-version-2-3-4-10805 https://www.openwall.com/lists/oss-security/2011/07/11/5