Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2023-45198

ftpd before "NetBSD-ftpd 20230930" can leak information about the host filesystem before authentication via an MLSD or MLST command. tnftpd (the portable version of NetBSD ftpd) before 20231001 is also vulnerable.

  • Published: Oct 5, 2023
  • Updated: Oct 12, 2023
  • CVE: CVE-2023-45198
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

No CWE or OWASP classifications available.

Software From Fixed in
netbsd / tnftpd - 2023-10-01
netbsd / ftpd - 2023-09-30