CVE-2020-37067

CRITICAL

Filetto 1.0 - DoS

Title source: llm

Description

Filetto 1.0 FTP server contains a denial of service vulnerability in the FEAT command processing that allows attackers to crash the service. Attackers can send an oversized FEAT command with 11,008 bytes of repeated characters to trigger a buffer overflow and terminate the FTP service.

Exploits (1)

exploitdb WORKING POC

by Socket_0x03 · pythondoswindows

https://www.exploit-db.com/exploits/48503

View Code ZIP pw:eip

References (4)

[Various Sources] http://www.utillyty.eu

[Product] https://sourceforge.net/projects/filetto

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/48503

[Third Party Advisory] https://www.vulncheck.com/advisories/filetto-feat-denial-of-service

Scores

CVSS v3 9.8

EPSS 0.0006

EPSS Percentile 18.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-770

Status published

Products (1)

Utillyty/Filetto 1.0

Published Feb 03, 2026

Tracked Since Feb 18, 2026