CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-7573

An issue was discovered in FTPShell Client 6.7. A remote FTP server can send 400 characters of 'F' in conjunction with the FTP 220 response code to crash the application; after this overflow, one can run arbitrary code on the victim machine. This is similar to CVE-2009-3364 and CVE-2017-6465.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.784

EPSS Ranking 99.0%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

https://cxsecurity.com/issue/WLB-2018030011
https://www.exploit-db.com/exploits/44596/
https://www.exploit-db.com/exploits/44968/
https://cxsecurity.com/issue/WLB-2018030011
https://www.exploit-db.com/exploits/44596/
https://www.exploit-db.com/exploits/44968/

Products affected by CVE-2018-7573

Ftpshell » Ftpshell Client » Version: 6.70

cpe:2.3:a:ftpshell:ftpshell_client:6.70

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-7573

Products

Pricing

Contact Us