CVE-2005-0517

PeerFTP_5 - Plaintext Password Storage in PeerFTP.ini

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-0517. PoCs published by Kozan.

AI-analyzed exploit summary This exploit reads the PeerFTP.ini configuration file to extract stored credentials (UserID, Username, and Password) from the local system. It leverages the insecure storage of credentials in plaintext within the application's configuration file.

Description

PeerFTP_5 stores sensitive information such as passwords in plaintext in the PeerFTP.ini files, which allows local users to gain privileges.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Kozan · c++localwindows

https://www.exploit-db.com/exploits/833

View Code ZIP pw:eip

This exploit reads the PeerFTP.ini configuration file to extract stored credentials (UserID, Username, and Password) from the local system. It leverages the insecure storage of credentials in plaintext within the application's configuration file.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: PeerFTP_5 by Acute Websight Incorporated

No auth needed

Prerequisites: Local access to the system · PeerFTP_5 installed with default configuration

MITRE ATT&CK

T1552.001 - Credentials In Files

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1013263

Scores

EPSS 0.0018

EPSS Percentile 39.0%

Details

Status published

Products (1)

peerftp_5/peerftp_5

Published Feb 23, 2005

Tracked Since Feb 18, 2026