EIP-2026-119583

PRE-CVE

CuteFTP 9.3.0.3 - Denial of Service (PoC)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119583. PoCs published by Ismael Nava.

AI-analyzed exploit summary This PoC exploits a buffer overflow vulnerability in CuteFTP 9.3.0.3 by generating a large string of 'A' characters and writing it to a file. The exploit triggers a DoS when the content is pasted into the Host, Username, or Password fields and the connection is attempted.

Description

CuteFTP 9.3.0.3 - Denial of Service (PoC)

Exploits (1)

exploitdb WORKING POC

by Ismael Nava · pythondoswindows_x86-64

https://www.exploit-db.com/exploits/45814

View Code ZIP pw:eip

This PoC exploits a buffer overflow vulnerability in CuteFTP 9.3.0.3 by generating a large string of 'A' characters and writing it to a file. The exploit triggers a DoS when the content is pasted into the Host, Username, or Password fields and the connection is attempted.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: CuteFTP 9.3.0.3

No auth needed

Prerequisites: CuteFTP 9.3.0.3 installed on the target system · Ability to execute the script and interact with the CuteFTP GUI

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026