CNNVD-202508-2519 Information
CNNVD ID
CNNVD-202508-2519
Related CVE
- CNNVD Published: 2025-08-20
Description (Chinese)
ProFTPD是ProFTPD开源的一套可配置性强的开放源代码的FTP服务器软件。 ProFTPD 1.3.3c版本存在安全漏洞,该漏洞源于源代码包中嵌入恶意后门,可能导致未经验证的攻击者以root权限执行任意命令。
Description (English)
ProFTPD is a fully configurable, open-source FTP server software for ProFTPD. ProFTPD version 1.3.3c contains a security loophole that originates from the presence of a malicious back door in the source code package, which may result in unauthorized assailants executing arbitrary orders with root authority.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
ProFTPD
Published
2025-08-20
Last Modified
2026-02-24
References
https://www.vulncheck.com/advisories/proftpd-backdoor-command-execution https://www.exploit-db.com/exploits/16921 https://www.exploit-db.com/exploits/15662 http://rsync.proftpd.org/ https://web.archive.org/web/20111107212129/ https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/ftp/proftpd_133c_backdoor.rb https://github.com/proftpd/proftpd https://advisories.checkpoint.com/defense/advisories/public/2011/cpai-2010-151.html/ http://www.proftpd.org/ https://nvd.nist.gov/vuln/detail/CVE-2010-20103