CVE-2018-7573

CRITICAL

Ftpshell Client - Memory Corruption

Title source: rule

Description

An issue was discovered in FTPShell Client 6.7. A remote FTP server can send 400 characters of 'F' in conjunction with the FTP 220 response code to crash the application; after this overflow, one can run arbitrary code on the victim machine. This is similar to CVE-2009-3364 and CVE-2017-6465.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/44968

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by r4wd3r · pythonremotewindows

https://www.exploit-db.com/exploits/44596

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by r4wd3r, Daniel Teixeira · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/ftp/ftpshell_cli_bof.rb

View Code ZIP pw:eip

References (3)

[Exploit, Third Party Advisory] https://cxsecurity.com/issue/WLB-2018030011

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/44596/

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/44968/

Scores

CVSS v3 9.8

EPSS 0.7795

EPSS Percentile 99.0%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-119

Status published

Products (1)

ftpshell/ftpshell_client 6.70

Published Mar 01, 2018

Tracked Since Feb 18, 2026