Back to search
CVE-2010-20045
Published: Aug 20, 2025
Modified: May 15, 2026
PUBLISHED
Description
FileWrangler <= 5.30 suffers from a stack-based buffer overflow vulnerability when parsing directory listings from an FTP server. A malicious server can send an overlong folder name in response to a LIST command, triggering memory corruption during client-side rendering. Exploitation requires passive user interaction—simply connecting to the server—without further input. Successful exploitation may lead to arbitrary code execution.
| Vendor | Product | Versions |
|---|---|---|
CursorArts | FileWrangler | affected 0 - <= 5.30 |
Weaknesses (CWE)
References
https://web.archive.org/web/20111016194057/https://www.corelan.be/index.php/2010/10/12/death-of-an-ftp-client/
technical-description
exploit
https://www.vulncheck.com/advisories/filewrangler-stack-buffer-overflow
third-party-advisory
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now