Bilal Qureshi

**Name of the Vulnerable Software and Affected Versions** FileZilla Client version 3.63.1 **Description** The FileZilla Client application is susceptible to a DLL hijacking issue. An attacker can exploit this by placing a specially crafted `TextShaping.dll` file within the application directory. Successful exploitation allows the attacker to execute malicious code, potentially achieving remote code execution when the application is launched. The attack involves replacing a missing DLL with a malicious payload, which can be generated using tools like `msfvenom`. **Recommendations** Replace the `TextShaping.dll` file in the FileZilla Client application directory with a legitimate version.