CVE-2016-15003

MEDIUM

FileZilla Client 3.17.0.0 - Unquoted Search Path

Title source: llm

Description

A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of the component Installer. The manipulation leads to unquoted search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Exploits (1)

exploitdb WRITEUP

by Cyril Vallicari · textlocalwindows

https://www.exploit-db.com/exploits/39803

View Code ZIP pw:eip

References (3)

Core 3

Core References

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

https://www.exploit-db.com/exploits/39803/

Exploit, Third Party Advisory x_refsource_misc

https://youtu.be/r06VwwJ9J4M

Third Party Advisory x_refsource_misc

https://vuldb.com/?id.97204

Scores

CVSS v3 6.3

EPSS 0.0043

EPSS Percentile 62.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-428

Status published

Products (1)

filezilla-project/filezilla_client 3.17.0

Published Jul 18, 2022

Tracked Since Feb 18, 2026