Primary

Context

SmartFTP Client Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in SmartFTP Client versions through 9.0.2615.0. This vulnerability allows local attackers to crash the application by entering an excessively long string in the Host field. Specifically, a buffer of 300 repeated characters can be pasted into the Host connection parameter to trigger the crash.

Impact

Exploiting this vulnerability leads to a crash of the SmartFTP Client application, causing a denial-of-service condition.

Reproduction

The vulnerability can be reproduced by pasting 300 repeated characters into the Host field of the SmartFTP Client version 9.0.2615.0. This action causes the application to crash.

Added: Mar 30, 2026, 12:21 PM

Updated: Mar 30, 2026, 12:21 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.6

remediation

0.0

relevance

4.9

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.6

remediation

0.0

relevance

4.9

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SmartFTP Client Denial-of-Service Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating