Total vulnerabilities in the database
NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote attackers to conduct brute force password guessing attacks against the administrator account on port 7021.
Software | From | Fixed in |
---|---|---|
netwin / surgeftp | 2.0c | 2.0c.x |
netwin / surgeftp | 2.0a | 2.0a.x |
netwin / surgeftp | 2.0d | 2.0d.x |
netwin / surgeftp | 2.0e | 2.0e.x |
netwin / surgeftp | 2.0f | 2.0f.x |
netwin / surgeftp | 2.0b | 2.0b.x |