Vulnerability Database

296,317

Total vulnerabilities in the database

CVE-2021-41635

When installed as Windows service MELAG FTP Server 2.2.0.4 is run as SYSTEM user, which grants remote attackers to abuse misconfigurations or vulnerabilities with administrative access over the entire host system.

  • Published: Jun 24, 2022
  • Updated: Apr 14, 2023
  • CVE: CVE-2021-41635
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 8.8
  • AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 9
  • AV:N/AC:L/Au:S/C:C/I:C/A:C

CWEs:

Software From Fixed in
melag / ftp_server 2.2.0.4 2.2.0.4.x