Vulnerabilities > Coreftp

DATE CVE VULNERABILITY TITLE RISK
2022-02-17 CVE-2022-22899 Out-of-bounds Write vulnerability in Coreftp Core FTP 2.0
Core FTP / SFTP Server v2 Build 725 was discovered to allow unauthenticated attackers to cause a Denial of Service (DoS) via a crafted packet through the SSH service.
local
low complexity
coreftp CWE-787
5.5
2022-01-10 CVE-2022-22836 Path Traversal vulnerability in Coreftp Core FTP 1.2/2.0
CoreFTP Server before 727 allows directory traversal (for file creation) by an authenticated attacker via ../ in an HTTP PUT request.
network
low complexity
coreftp CWE-22
6.5
2021-04-05 CVE-2020-19596 Classic Buffer Overflow vulnerability in Coreftp Core FTP 1.2
Buffer overflow vulnerability in Core FTP Server v1.2 Build 583, via a crafted username.
network
low complexity
coreftp CWE-120
critical
9.8
2021-04-05 CVE-2020-19595 Classic Buffer Overflow vulnerability in Coreftp Core FTP 2.0
Buffer overflow vulnerability in Core FTP Server v2 Build 697, via a crafted username.
network
low complexity
coreftp CWE-120
7.5
2021-04-02 CVE-2020-21588 Classic Buffer Overflow vulnerability in Coreftp Core FTP 2.2
Buffer overflow in Core FTP LE v2.2 allows local attackers to cause a denial or service (crash) via a long string in the Setup->Users->Username editbox.
local
low complexity
coreftp CWE-120
5.5
2019-03-22 CVE-2019-9649 Path Traversal vulnerability in Coreftp Core FTP 2.0
An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674.
network
low complexity
coreftp CWE-22
5.3
2019-03-22 CVE-2019-9648 Path Traversal vulnerability in Coreftp Core FTP 2.0
An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674.
network
low complexity
coreftp CWE-22
5.3
2019-01-02 CVE-2018-20658 Improper Input Validation vulnerability in Coreftp Core FTP 2.0
The server in Core FTP 2.0 build 653 on 32-bit platforms allows remote attackers to cause a denial of service (daemon crash) via a crafted XRMD command.
network
low complexity
coreftp CWE-20
7.5
2018-07-05 CVE-2018-12113 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Coreftp Core FTP 2.2
Core FTP LE version 2.2 Build 1921 is prone to a buffer overflow vulnerability that may result in a DoS or remote code execution via a PASV response.
network
low complexity
coreftp CWE-119
critical
9.8
2018-03-20 CVE-2014-1215 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Coreftp Core FTP 1.2
Multiple buffer overflows in Core FTP Server before 1.2 build 508 allow local users to gain privileges via vectors related to reading data from config.dat and Windows Registry.
local
low complexity
coreftp CWE-119
7.8