CVE-2020-9273

HIGH

ProFTPD 1.3.7 - Use-After-Free in Memory Pool via Data Transfer Channel Interruption

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2020-9273. PoCs published by lockedbyte, dukptkey, ptef.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2020-9273, a use-after-free vulnerability in ProFTPd leading to remote code execution. The exploit leverages memory leaks via `/proc/self/maps` and hijacks control flow through pool corruption to achieve RCE.

Description

In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, and possible remote code execution.

Exploits (3)

github WORKING POC 690 stars

by lockedbyte · cpoc

https://github.com/lockedbyte/CVE-Exploits/tree/master/CVE-2020-9273

View Code ZIP pw:eip

This repository contains a functional exploit for CVE-2020-9273, a use-after-free vulnerability in ProFTPd leading to remote code execution. The exploit leverages memory leaks via `/proc/self/maps` and hijacks control flow through pool corruption to achieve RCE.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: ProFTPd 1.3.7rc2 with mod_copy enabled

Auth required

Prerequisites: Valid user credentials · mod_copy module enabled in ProFTPd

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 27, 2026 Full analysis →

nomisec WORKING POC 14 stars

by dukptkey · poc

https://github.com/dukptkey/CVE-2020-9273

View Code ZIP pw:eip

This repository contains functional exploit code for CVE-2020-9273, a use-after-free vulnerability in ProFTPD. The exploit demonstrates remote code execution by manipulating memory structures and includes detailed technical commentary on the exploitation process.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Racy

Target: ProFTPD <= 1.3.7rc2

Auth required

Prerequisites: authenticated FTP access · ability to upload files · knowledge of memory addresses (or brute-forcing)

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed May 30, 2026 Full analysis →

nomisec WORKING POC 12 stars

by ptef · poc

https://github.com/ptef/CVE-2020-9273

View Code ZIP pw:eip

This repository contains functional exploit code for CVE-2020-9273, a heap use-after-free vulnerability in ProFTPd. The exploit includes a demo and a reliable version, both demonstrating remote code execution via crafted FTP commands and shellcode.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: ProFTPd (version not explicitly specified, but likely 1.3.7a or earlier)

Auth required

Prerequisites: Authenticated FTP access · Ability to upload files · Localhost testing environment

MITRE ATT&CK