CNNVD-202508-380 Information

CNNVD ID

CNNVD-202508-380

Related CVE

CVE-2012-10035

• CNNVD Published: 2025-08-05

Description (Chinese)

TurboFTP Server是美国TurboFTP公司的一款支持FTP和SFTP协议的客户端。 TurboFTP Server 1.30.823版本和1.30.826版本存在安全漏洞，该漏洞源于未正确处理PORT命令，可能导致缓冲区溢出和任意代码执行。

Description (English)

TurboFTP Server is a client of the United States company TurboFTP that supports the FTP and SFTP agreements. There is a security loophole in the TurboFTP Server 1.30.823 and 1.30.826 versions, which stems from the incorrect handling of the PORT commands, which could lead to a buffer zone spill and arbitrary code enforcement.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

TurboFTP

Published

2025-08-05

Last Modified

2026-02-24

References

https://www.exploit-db.com/exploits/22161 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/turboftp_port.rb https://www.vulncheck.com/advisories/turbo-ftp-server-port-command-buffer-overflow https://access.redhat.com/security/cve/cve-2012-10035