CVE-2021-47791

HIGH

Smartftp - Resource Allocation Without Limits

Title source: rule

Description

SmartFTP Client 10.0.2909.0 contains multiple denial of service vulnerabilities that allow attackers to crash the application through specific input manipulation. Attackers can trigger crashes by entering malformed paths, using invalid IP addresses, or clearing connection history in the client's interface.

Exploits (1)

exploitdb WORKING POC

by Eric Salario · pythondoswindows

https://www.exploit-db.com/exploits/50266

View Code ZIP pw:eip

References (4)

[Exploit] https://www.exploit-db.com/exploits/50266

[Product] https://www.smartftp.com/en-us/

[Product] https://www.smartftp.com/en-us/download

[Third Party Advisory] https://www.vulncheck.com/advisories/smartftp-client-multiple-denial-of-service

Scores

CVSS v3 7.5

EPSS 0.0002

EPSS Percentile 4.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-770

Status published

Products (1)

smartftp/smartftp 10.0.2909.0

Published Jan 16, 2026

Tracked Since Feb 18, 2026