CVE-2021-47865

HIGH

ProFTPD 1.3.7a - DoS

Title source: llm

Description

ProFTPD 1.3.7a contains a denial of service vulnerability that allows attackers to overwhelm the server by creating multiple simultaneous FTP connections. Attackers can repeatedly establish connections using threading to exhaust server connection limits and block legitimate user access.

Exploits (1)

exploitdb WORKING POC

by xynmaps · pythondosmultiple

https://www.exploit-db.com/exploits/49697

View Code ZIP pw:eip

References (4)

[Various Sources] http://www.proftpd.org/

[Issue Tracking] https://github.com/proftpd/proftpd/issues/1298

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/49697

[Third Party Advisory] https://www.vulncheck.com/advisories/proftpd-a-remote-denial-of-service

Scores

CVSS v3 7.5

EPSS 0.0002

EPSS Percentile 5.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-770

Status published

Products (1)

ProFTPD/ProFTPD 1.3.7a

Published Jan 21, 2026

Tracked Since Feb 18, 2026