CVE-2022-29620 Information

Description

DISPUTED FileZilla v3.59.0 allows attackers to obtain cleartext passwords of connected SSH or FTP servers via a memory dump.- NOTE: the vendor does not consider this a vulnerability.

Reference

https://whichbuffer.medium.com/filezilla-client-cleartext-storage-of-sensitive-information-in-memory-vulnerability-83958c1e1643 https://youtu.be/eSlfQQytIq0 https://youtu.be/ErZl1i7McHk