CVE-2010-20103

CRITICAL EXPLOITED NUCLEI

ProFTPD <1.3.3c - RCE

Title source: llm

Description

A malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed between November 28 and December 2, 2010. The backdoor implements a hidden FTP command trigger that, when invoked, causes the server to execute arbitrary shell commands with root privileges. This allows remote, unauthenticated attackers to run any OS command on the FTP server host.

Exploits (3)

exploitdb WRITEUP VERIFIED
by anonymous · text · remote · linux
https://www.exploit-db.com/exploits/15662
exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · linux
https://www.exploit-db.com/exploits/16921
metasploit WORKING POC EXCELLENT
by MC, darkharper2 · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/ftp/proftpd_133c_backdoor.rb

Nuclei Templates (1)

ProFTPd-1.3.3c - Backdoor Command Execution
CRITICAL · by pussycat0x
Shodan: product:"ProFTPD"

Scores

CVSS v3 9.8
EPSS 0.8508
EPSS Percentile 99.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitation Intel

VulnCheck KEV 2025-08-20

Classification

CWE
CWE-912
Status published

Affected Products (1)

proftpd/proftpd

Timeline

Published Aug 20, 2025
Tracked Since Feb 18, 2026