ProFTPD
cpe:2.3:a:proftpd:proftpd:*:*:*:*:*:*:*
- 1.3.3c
This vulnerability is being actively exploited in the wild.
A backdoor was introduced into ProFTPD version 1.3.3c, specifically into the source tarball distributed between November 28 and December 2, 2010. It allows remote, unauthenticated attackers to execute arbitrary shell commands with root privileges on the affected server. The malicious modification was made to the official ProFTPD FTP server software, which is widely used in various Linux distributions.
Exploitation of this vulnerability leads to unauthorized remote command execution with root privileges on the affected system.
The backdoor can be accessed by sending a specially crafted FTP command. Once the backdoor command is invoked, it executes the payload on the server with root privileges. This vulnerability can be reproduced by uploading a payload to the server and then using the backdoor to execute it.
Users are advised to update to ProFTPD versions 1.3.3f or 1.3.4rc3, both of which are available on the official ProFTPD website.