Sysax: >> Multi Server >> 4.5 Security Vulnerabilities
Sysax Multi Server versions prior to 5.55 contains a stack-based buffer overflow in its SSH service. When a remote attacker supplies an overly long username during authentication, the server copies the input to a fixed-size stack buffer without proper bounds checking. This allows remote code execution under the context of the service.
CVSS Score
9.8
EPSS Score
0.732
Published
2025-08-13
Stack-based buffer overflow in Sysax Multi Server before 5.52, when HTTP is enabled, allows remote authenticated users with the create folder permission to execute arbitrary code via a crafted request.
CVSS Score
7.1
EPSS Score
0.638
Published
2013-01-31
Multiple directory traversal vulnerabilities in Sysax Multi Server 4.5 allow remote authenticated users to read or modify arbitrary files via crafted FTP commands. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Score
9.0
EPSS Score
0.014
Published
2010-04-22
Directory traversal vulnerability in Sysax Multi Server 4.3 and 4.5 allows remote authenticated users to delete arbitrary files via a ..// (dot dot slash slash) in a DELE command.
CVSS Score
4.0
EPSS Score
0.015
Published
2010-04-22