CVE-2009-4048

Dxmsoft XM Easy Personal FTP Server <5.8.0 - DoS

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2009-4048.

AI-analyzed exploit summary The exploit demonstrates a denial-of-service (DoS) vulnerability in XM Easy Personal FTP Server 5.8.0 by creating over 2000 directories, which crashes the server upon reconnection and directory listing. The Python script automates the creation of directories to trigger the vulnerability.

Description

Dxmsoft XM Easy Personal FTP Server 5.8.0 allows remote authenticated users to cause a denial of service (daemon outage) via an APPE command to one socket in conjunction with a DELE command to a second socket.

Exploits (2)

exploitdb WORKING POC
doswindows
https://www.exploit-db.com/exploits/10221

The exploit demonstrates a denial-of-service (DoS) vulnerability in XM Easy Personal FTP Server 5.8.0 by creating over 2000 directories, which crashes the server upon reconnection and directory listing. The Python script automates the creation of directories to trigger the vulnerability.

Classification
Working Poc 100%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: XM Easy Personal FTP Server 5.8.0
Auth required
Prerequisites: Valid FTP credentials · Ability to create directories on the server
devstral-2 · analyzed Feb 19, 2026 Full analysis →
exploitdb WORKING POC
pythondoswindows
https://www.exploit-db.com/exploits/10104

This exploit targets CVE-2009-4048, a vulnerability in Pure-FTPd. It leverages a race condition between the APPE and DELE commands to trigger a denial-of-service (DoS) condition. The script establishes an FTP connection, sends crafted commands, and binds to a local port to exploit the flaw.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Moderate
Reliability
Racy
Target: Pure-FTPd (version not specified)
Auth required
Prerequisites: FTP server access · Valid credentials
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/37016
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/507853/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/54277

Scores

EPSS 0.0241
EPSS Percentile 81.9%

Details

Status published
Products (1)
dxmsoft/xm_easy_personal_ftp_server 5.8.0
Published Nov 23, 2009
Tracked Since Feb 18, 2026