FTPShell Server Buffer Overflow Vulnerability Leading to Denial-of-Service

Vulnerability

A buffer overflow vulnerability has been identified in FTPShell Server version 6.83. This vulnerability allows local attackers to cause the application to crash by entering an excessively long string in the account name field. The denial-of-service condition can be triggered by pasting a 417-byte payload into the 'Account name to ban' parameter within the Manage FTP Accounts interface.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing the application to crash.

Reproduction

To reproduce this vulnerability, open FTPShell Server 6.83 and navigate to the 'Manage FTP Accounts' section. Select 'Add Account Name' and paste a 417-byte payload into the 'Account name to ban' field. Click 'Ok' to trigger the crash.
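A defensive sketch of the input handling this class of bug calls for, added here and not taken from FTPShell Server, whose code the page does not show: the field text is length-checked against the destination buffer and rejected rather than truncated. `ACCOUNT_NAME_MAX`, `set_ban_account_name` and the status names are hypothetical, and the real buffer size is an assumption.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumption: the actual buffer size in FTPShell Server is not given on the
   page; 64 is a hypothetical capacity used only for this sketch. */
#define ACCOUNT_NAME_MAX 64

typedef enum { NAME_OK = 0, NAME_BAD_ARG, NAME_EMPTY,
               NAME_TOO_LONG, NAME_BAD_CHAR } name_status;

/* Validate untrusted field text (src_len bytes) and copy it into dst, which
   holds dst_size bytes. Over-long input is rejected, not truncated, so a ban
   entry can never silently match a different, shorter account name. */
name_status set_ban_account_name(char *dst, size_t dst_size,
                                 const char *src, size_t src_len)
{
    if (dst == NULL || dst_size == 0 || src == NULL)
        return NAME_BAD_ARG;
    dst[0] = '\0';                    /* fail closed: dst is empty on any error */
    if (src_len == 0)
        return NAME_EMPTY;
    if (src_len >= dst_size)          /* keep one byte for the terminator */
        return NAME_TOO_LONG;
    for (size_t i = 0; i < src_len; i++) {
        unsigned char c = (unsigned char)src[i];
        if (c < 0x20 || c == 0x7f)    /* control bytes, including embedded NUL */
            return NAME_BAD_CHAR;
    }
    memcpy(dst, src, src_len);        /* length already proven to fit */
    dst[src_len] = '\0';
    return NAME_OK;
}

int main(void)
{
    char stored[ACCOUNT_NAME_MAX];
    char pasted[417];                 /* constructed input, same length as in the report */
    memset(pasted, 'A', sizeof pasted);

    name_status s = set_ban_account_name(stored, sizeof stored,
                                         pasted, sizeof pasted);
    printf("417-byte field text -> %s\n",
           s == NAME_TOO_LONG ? "rejected (too long)" : "unexpected status");
    return s == NAME_TOO_LONG ? 0 : 1;
}
```

Capping the edit control's accepted length in the UI is a useful second layer, but the check at the copy site is the one that prevents the overflow.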

Added: Mar 30, 2026, 12:26 PM
Updated: Mar 30, 2026, 12:26 PM

Vulnerability Rating

Custom Algorithm

spread: 1.9
impact: 2.5
exploitability: 5.2
remediation: 0.0
relevance: 4.9
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.