exploitDog

CVE-2023-53886

Опубликовано: 15 дек. 2025

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

Xlight FTP Server 3.9.3.6 contains a stack buffer overflow vulnerability in the 'Execute Program' configuration that allows attackers to crash the application. Attackers can trigger the vulnerability by inserting 294 characters into the program execution configuration, causing a denial of service condition.

Ссылки

https://www.exploit-db.com/exploits/51665
Exploit
Third Party Advisory
https://www.vulncheck.com/advisories/xlight-ftp-server-stack-buffer-overflow-vulnerability-via-execute-program
Third Party Advisory
https://www.xlightftpd.com/
Vendor Advisory
https://www.exploit-db.com/exploits/51665
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:xlightftpd:xlight_ftp_server:3.9.3.6:*:*:*:*:*:*:*

EPSS

Процентиль: 19%

0.00061

Низкий

7.5 High

CVSS3

Дефекты

CWE-121

CWE-787

Связанные уязвимости

GHSA-hxpr-5v98-mw59

CVSS3: 7.5

github

около 2 месяцев назад

Xlight FTP Server 3.9.3.6 contains a stack buffer overflow vulnerability in the 'Execute Program' configuration that allows attackers to crash the application. Attackers can trigger the vulnerability by inserting 294 characters into the program execution configuration, causing a denial of service condition.

EPSS

Процентиль: 19%

0.00061

Низкий

7.5 High

CVSS3

Дефекты

CWE-121

CWE-787