CVE-2001-0550

EXPLOITED

wu-ftpd 2.6.1 - Command Injection

Title source: llm

Description

wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob).

Exploits (3)

exploitdb WORKING POC VERIFIED
by Teso · cremotelinux
https://www.exploit-db.com/exploits/348
exploitdb WORKING POC VERIFIED
by Core Security Technologies · textremoteunix
https://www.exploit-db.com/exploits/21161
nomisec WRITEUP
by gilberto47831 · poc
https://github.com/gilberto47831/Network-Filesystem-Forensics

References (14)

Scores

EPSS 0.6088
EPSS Percentile 98.3%

Details

VulnCheck KEV 2017-06-20
Status published
Products (5)
david_madore/ftpd-bsd 0.3.2
david_madore/ftpd-bsd 0.3.3
washington_university/wu-ftpd 2.5.0
washington_university/wu-ftpd 2.6.0
washington_university/wu-ftpd 2.6.1
Published Nov 30, 2001
Tracked Since Feb 18, 2026