CVE-2010-20108 in FTP Clientinformazioni

Riassunto

di MITRE • 22/08/2025

FTPPad <= 1.2.0 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessively long directory and filename, the application fails to properly validate input length. This results in a buffer overflow that overwrites the saved Extended Instruction Pointer (EIP), allowing remote attackers to execute arbitrary code.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsabile

VulnCheck

Prenotare

20/08/2025

Divulgazione

22/08/2025

Moderazione

accettato

Voce

VDB-320992

CPE

pronto

CWE

CWE-121 (confermato)

CVSS

6.3 (VulDB)

EPSS

0.00476

KEV

Attività

molto basso

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2010-20108
NVD	https://nvd.nist.gov/vuln/detail/CVE-2010-20108
CVE Details	https://www.cvedetails.com/cve/CVE-2010-20108/

◂ Precedente Visione D'ensemble Il prossimo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!