CNNVD-202601-1892 Information
Jan 13, 2026
cve
CNNVD ID
CNNVD-202601-1892
Related CVE
- CNNVD Published: 2026-01-13
Description (Chinese)
Tftpd32 SE是Tftpd开源的一个IPv4网络服务器套件。 Tftpd32 SE 4.60版本存在代码问题漏洞,该漏洞源于未加引号的服务路径,可能导致本地攻击者以提升的权限执行任意代码。
Description (English)
Tftpd32 SE is an IPv4 network server package from Tftpd open source. Tftpd32 SE 4.60 has a code problem loophole, which stems from unquoted service paths that may lead local attackers to enforce arbitrary codes with enhanced authority.
Hazard Level
Medium
Vulnerability Type
代码问题
Affected Vendor
Tftpd
Published
2026-01-13
Last Modified
2026-02-24
References
https://pjo2.github.io/tftpd64/ https://www.exploit-db.com/exploits/51076 https://www.vulncheck.com/advisories/tftpdse-tftpdsvc-unquoted-service-path https://access.redhat.com/security/cve/cve-2023-54338
Patch
https://pjo2.github.io/tftpd64/
Share on: