Primary

Context

FTP Voyager Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in FTP Voyager version 16.2.0. This vulnerability allows local attackers to crash the application by injecting oversized buffer data into the site profile IP field. By creating a malicious site profile with 500 bytes of repeated characters and pasting it into the IP field, attackers can trigger a buffer overflow that causes the FTP Voyager process to crash.

Impact

Exploitation of this vulnerability leads to a crash of the FTP Voyager application, causing a denial-of-service condition.

Reproduction

To reproduce this vulnerability, create a site profile in FTP Voyager 16.2.0. Inject 500 bytes of repeated characters into the IP field of the site profile. Once the oversized buffer data is pasted, the application will crash, demonstrating the denial-of-service vulnerability.

Added: Apr 4, 2026, 2:20 PM

Updated: Apr 4, 2026, 2:20 PM

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

0.6

exploitability

4.6

remediation

0.0

relevance

5.4

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

0.6

exploitability

4.6

remediation

0.0

relevance

5.4

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

FTP Voyager Denial-of-Service Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

SolarWinds FTP Voyager

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating