CNNVD-202508-373 Information
CNNVD ID
CNNVD-202508-373
Related CVE
- CNNVD Published: 2025-08-05
Description (Chinese)
NetWin Netwin SurgeFTP是新西兰NetWin公司的一款多平台FTP服务器软件。 NetWin Netwin SurgeFTP 23c8及之前版本存在安全漏洞,该漏洞源于未正确处理POST请求,可能导致远程命令执行。
Description (English)
NetWin Netwin SurgeFTP is a multi-platform FTP server software for NetWin, New Zealand. NetWin Netwin SurgeFTP 23c8 and previous versions had a security loophole, which stemmed from incorrect handling of POST requests and could lead to remote command execution.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
NetWin
Published
2025-08-05
Last Modified
2026-02-24
References
https://www.vulncheck.com/advisories/netwin-surgeftp-auth-rce https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/ https://www.exploit-db.com/exploits/23601 https://www.exploit-db.com/exploits/23522 https://netwinsite.com/surgeftp/ https://access.redhat.com/security/cve/cve-2012-10028
Share on: