Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
EasyFTP Server <= 1.7.0.11 CWD Command Stack Buffer Overflow
Vulnerability Description
EasyFTP Server versions up to 1.7.0.11 contain a stack-based buffer overflow vulnerability in the FTP command parser. When processing the CWD (Change Working Directory) command, the server fails to properly validate the length of the input string, allowing attackers to overwrite memory on the stack. This flaw enables remote code execution without authentication, as EasyFTP allows anonymous access by default. The vulnerability was resolved in version 1.7.0.12, after which the product was renamed “UplusFtp.”
CVSS Information
N/A
Vulnerability Type
栈缓冲区溢出
Vulnerability Title
EasyFTP 安全漏洞
Vulnerability Description
EasyFTP是一个易于使用的FTP服务。 EasyFTP 1.7.0.11及之前版本存在安全漏洞,该漏洞源于处理CWD命令时未验证输入长度,可能导致栈缓冲区溢出和执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A