QwikSec

Security Database

CVE

CWE

Training

CVE-2019-17320

Published: Oct 10, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

NetSarang XFTP Client 6.0149 and earlier version contains a buffer overflow vulnerability caused by improper boundary checks when copying file name from an attacker controlled FTP server. That leads attacker to execute arbitrary code by sending a crafted filename.

Vendor	Product	Versions
NetSarang	XFTP	affected `6.0149 and earlier`

Weaknesses (CWE)

References

https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35160

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.