CVE-2023-24042

Published January 21st, 2023

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

A race condition in LightFTP through 2.2 allows an attacker to achieve path traversal via a malformed FTP request. A handler thread can use an overwritten context->FileName.

hfiref0x/LightFTP

Small x86-32/x64 FTP Server

GitHub

278