CVE-2010-20122

21.08.2025, 21:15

Xftp FTP Client version up to and including 3.0 (build 0238) contain a stack-based buffer overflow vulnerability triggered by a maliciously crafted PWD response from an FTP server. When the client connects to a server and receives an overly long directory string in response to the PWD command, the client fails to properly validate the length of the input before copying it into a fixed-size buffer. This results in memory corruption and allows remote attackers to execute arbitrary code on the client system.

Provider	Type	Base Score	Vector
NIST	NIST	UNKNOWN	---
VulnCheck	CNA	---	---
CISA-ADP	ADP	---	---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 48%

Common Weakness Enumeration

CWE-121 - Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

References

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/xftp_client_pwd.rb

https://web.archive.org/web/20090312072219/http://www.netsarang.com/download/down_xft3.html

https://www.exploit-db.com/exploits/12332

https://www.exploit-db.com/exploits/16739

https://www.vulncheck.com/advisories/xftp-ftp-client-pwd-response-buffer-overflow