CVE-2021-47791
4.6
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Summary
SmartFTP Client 10.0.2909.0 contains multiple denial of service vulnerabilities that allow attackers to crash the application through specific input manipulation. Attackers can trigger crashes by entering malformed paths, using invalid IP addresses, or clearing connection history in the client's interface.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Smartftp | SmartFTP Client | 10.0.2909.0 (32 and 64 bit) | affected |
Weaknesses
- CWE-770: Allocation of Resources Without Limits or Throttling
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: partial
Additional References
References
- https://www.exploit-db.com/exploits/50266
- https://www.smartftp.com/en-us/
- https://www.smartftp.com/en-us/download
- https://www.vulncheck.com/advisories/smartftp-client-multiple-denial-of-service
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.