CVE-2023-53959

CRITICAL

FileZilla Client 3.63.1 - Code Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-53959. PoCs published by Bilal Qureshi.

AI-analyzed exploit summary This exploit demonstrates a DLL hijacking vulnerability in FileZilla Client 3.63.1, where a malicious TextShaping.dll can be placed in the application directory to achieve remote code execution when the application loads the DLL.

Description

FileZilla Client 3.63.1 contains a DLL hijacking vulnerability that allows attackers to execute malicious code by placing a crafted TextShaping.dll in the application directory. Attackers can generate a reverse shell payload using msfvenom and replace the missing DLL to achieve remote code execution when the application launches.

Exploits (1)

exploitdb WORKING POC
by Bilal Qureshi · textlocalwindows
https://www.exploit-db.com/exploits/51267

This exploit demonstrates a DLL hijacking vulnerability in FileZilla Client 3.63.1, where a malicious TextShaping.dll can be placed in the application directory to achieve remote code execution when the application loads the DLL.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: FileZilla Client 3.63.1
No auth needed
Prerequisites: Ability to place a malicious DLL in the FileZilla installation directory · Network connectivity for reverse shell
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/51267
Various Sources product
https://filezilla-project.org/

Scores

CVSS v3 9.8
EPSS 0.0073
EPSS Percentile 49.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-427
Status published
Products (2)
filezilla-project/FileZilla Client 3.63.1
filezilla-project/filezilla_client 3.63.1
Published Dec 19, 2025
Tracked Since Feb 18, 2026