Vulnerability Details CVE-2022-28998
Xlight FTP v3.9.3.2 was discovered to contain a stack-based buffer overflow which allows attackers to leak sensitive information via crafted code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.6%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 5.5
References
- https://i.imgur.com/aw6hZo2.png
- https://i.imgur.com/jMURHQF.png
- https://packetstormsecurity.com/files/166381/Xlight-FTP-3.9.3.2-Buffer-Overflow.html
- https://streamable.com/gmqz5x
- https://i.imgur.com/aw6hZo2.png
- https://i.imgur.com/jMURHQF.png
- https://packetstormsecurity.com/files/166381/Xlight-FTP-3.9.3.2-Buffer-Overflow.html
- https://streamable.com/gmqz5x
Products affected by CVE-2022-28998
-
cpe:2.3:a:xlightftpd:xlight_ftp:3.9.3.2