Xlightftpd: >> Xlight Ftp Server >> 3.9.1 Security Vulnerabilities
Xlight FTP Server 3.9.1 contains a structured exception handler (SEH) overwrite vulnerability that allows local attackers to crash the application and overwrite SEH pointers by supplying a crafted buffer string. Attackers can inject a 428-byte payload through the program execution field in virtual server configuration to trigger a buffer overflow that corrupts the SEH chain and enables potential code execution.
CVSS Score
8.4
EPSS Score
0.0
Published
2026-04-05