CVE-2020-36983

HIGH

Quick 'n Easy FTP Service 3.2 - RCE

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-36983. PoCs published by yunaranyancat.

AI-analyzed exploit summary This is a writeup describing an unquoted service path vulnerability in Quick 'n Easy FTP Service 3.2. The vulnerability could allow local privilege escalation by exploiting the service path in the Windows registry.

Description

Quick 'n Easy FTP Service 3.2 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code during service startup. Attackers can exploit the misconfigured service binary path to inject malicious executables with elevated LocalSystem privileges during system boot or service restart.

Exploits (1)

exploitdb WRITEUP
by yunaranyancat · textlocalwindows
https://www.exploit-db.com/exploits/48983

This is a writeup describing an unquoted service path vulnerability in Quick 'n Easy FTP Service 3.2. The vulnerability could allow local privilege escalation by exploiting the service path in the Windows registry.

Classification
Writeup 90%
Attack Type
Lpe
Complexity
Trivial
Reliability
Theoretical
Target: Quick 'n Easy FTP Service 3.2
Auth required
Prerequisites: Local access to the system · Ability to modify the file system or registry
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Scores

CVSS v3 7.8
EPSS 0.0016
EPSS Percentile 5.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-428
Status published
Products (1)
Pablosoftwaresolutions/Quick 'n Easy FTP Service 3.2
Published Jan 27, 2026
Tracked Since Feb 18, 2026