CVE-2001-0933

Cooolsoft PowerFTP Server 2.03 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0933. PoCs published by alt3kx.

AI-analyzed exploit summary This repository provides a technical description of CVE-2001-0933, an information disclosure vulnerability in Cooolsoft PowerFTP Server 2.03. The vulnerability allows remote attackers to list arbitrary drive contents via a crafted LIST command. The README includes references to external security advisories but lacks functional exploit code.

Description

Cooolsoft PowerFTP Server 2.03 allows remote attackers to list the contents of arbitrary drives via a ls (LIST) command that includes the drive letter as an argument, e.g. "ls C:".

Exploits (1)

nomisec WRITEUP

by alt3kx · poc

https://github.com/alt3kx/CVE-2001-0933

View Code ZIP pw:eip

This repository provides a technical description of CVE-2001-0933, an information disclosure vulnerability in Cooolsoft PowerFTP Server 2.03. The vulnerability allows remote attackers to list arbitrary drive contents via a crafted LIST command. The README includes references to external security advisories but lacks functional exploit code.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Cooolsoft PowerFTP Server 2.03

No auth needed

Prerequisites: Network access to the vulnerable PowerFTP Server

MITRE ATT&CK

T1083 - File and Directory Discovery

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (1)

Core 1

Core References

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=100698397818175&w=2

Scores

EPSS 0.0440

EPSS Percentile 90.1%

Details

Status published

Products (1)

cooolsoft/powerftp 2.03

Published Nov 28, 2001

Tracked Since Feb 18, 2026