CVE-2017-15035
HIGHEmTec PyroBatchFTP < 3.17 - Denial of Service via Buffer Overflow
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2017-15035. PoCs published by Kevin McGuigan.
AI-analyzed exploit summary This exploit triggers a local buffer overflow (SEH) in PyroBatchFTP 3.17 by sending a malformed FTP response containing a large buffer. It sets up a fake FTP server to deliver the payload when a client connects.
Description
EmTec PyroBatchFTP before 3.18 allows remote servers to cause a denial of service (application crash).
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Kevin McGuigan · pythondoswindows
https://www.exploit-db.com/exploits/42962
This exploit triggers a local buffer overflow (SEH) in PyroBatchFTP 3.17 by sending a malformed FTP response containing a large buffer. It sets up a fake FTP server to deliver the payload when a client connects.
Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:
PyroBatchFTP 3.17
No auth needed
Prerequisites:
Network access to the target · Target must connect to the malicious FTP server
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (3)
Core 3
Core References
Release Notes, Vendor Advisory x_refsource_confirm
https://www.emtec.com/downloads/pyrobatchftp/pyrobatchftp318_changes.txt
Exploit, Third Party Advisory x_refsource_misc
https://www.7elements.co.uk/resources/technical-advisories/pyrobatchftp-buffer-overflow-seh-overwrite/
Exploit, Third Party Advisory, VDB Entry exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/42962/
Scores
CVSS v3
7.5
EPSS
0.0561
EPSS Percentile
91.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-119
Status
published
Products (1)
emtec/pyrobatchftp
< 3.17
Published
Oct 05, 2017
Tracked Since
Feb 18, 2026