Primary

Context

Cobian Backup Denial-of-Service Vulnerability in FTP Password Field

Vulnerability

A denial-of-service vulnerability has been identified in Cobian Backup 11 Gravity, specifically in version 11.2.0.582. The issue arises in the FTP password input field, where attackers can paste a specially crafted 800-byte buffer to crash the application.

Impact

Exploitation of this vulnerability leads to a crash of the Cobian Backup application.

Reproduction

To reproduce this vulnerability, first generate an 800-byte buffer using a Python script. Save this buffer into a text file. Then, open Cobian Backup 11 Gravity and create a new FTP task. Paste the buffered content into the password field and confirm the task. The application will crash upon doing so.

Added: Dec 22, 2025, 10:27 PM

Updated: Dec 22, 2025, 10:27 PM

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

2.5

exploitability

6.0

remediation

0.0

relevance

1.7

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

2.5

exploitability

6.0

remediation

0.0

relevance

1.7

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Cobian Backup Denial-of-Service Vulnerability in FTP Password Field

Vulnerability

Impact

Reproduction

Affected Products

Cobian Backup 11 Gravity

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating