PT-2022-19353 · Lightftp · Lightftp

Published

2022-05-23

Updated

2022-06-03

CVE-2022-28998

CVSS v3.1

8.1

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Xlight FTP version 3.9.3.2

Description A stack-based buffer overflow was discovered in Xlight FTP, allowing attackers to leak sensitive information via crafted code.

Recommendations For Xlight FTP version 3.9.3.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2022-28998

Affected Products

Lightftp

PT-2022-19353 · Lightftp · Lightftp

CVE-2022-28998

Weakness Enumeration

Related Identifiers

Affected Products

References · 8