CVE-2018-7449

Опубликовано: 04 мар. 2018

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Средний

Описание

SEGGER FTP Server for Windows before 3.22a allows remote attackers to cause a denial of service (daemon crash) via an invalid LIST, STOR, or RETR command.

Ссылки

http://hyp3rlinx.altervista.org/advisories/SEGGER-embOS-FTP-SERVER-v3.22-FTP-COMMANDS-DENIAL-OF-SERVICE.txt
Exploit
Third Party Advisory
https://www.exploit-db.com/exploits/44221/
Exploit
Third Party Advisory
VDB Entry
http://hyp3rlinx.altervista.org/advisories/SEGGER-embOS-FTP-SERVER-v3.22-FTP-COMMANDS-DENIAL-OF-SERVICE.txt
Exploit
Third Party Advisory
https://www.exploit-db.com/exploits/44221/
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:segger:embos\/ip_ftp_server:3.22:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 95%

0.20849

Средний

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-fqxf-vw9h-g9mf