SecPod Research Team member (Veerendra G.G) has found multiple buffer overflow vulnerabilities in Freefloat FTP Server. The flaws are caused by input validation errors while processing the DELE, MDTM, RETR, RMD, RNFR, RNTO, STOU, STOR, SIZE, APPE and STAT commands. The buffer is overflowed by sending overly long command arguments, which can be exploited to execute […]


SecPod Research Team member (Antu Sanadi) has found a directory traversal vulnerability in CiscoKits CCNA TFTP Server. The vulnerability is caused by improper validation of 'Read' requests containing '../' sequences. The flaw can be exploited to read arbitrary files via directory traversal attacks. POC: Download here. More information on the flaws can be found here. […]


SecPod Research Team member (Prabhu S Angadi) has found a denial of service vulnerability in CiscoKits CCNA TFTP Server. The vulnerability is caused by improper validation of a WRITE request parameter containing a long file name. The flaw can be exploited to crash a vulnerable server, denying service to legitimate users. POC: Download here. More information […]
