CVE-2024-46483

Published October 22nd, 2024

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

N/A

Affected

PROJECT

Description

Xlight FTP Server <3.9.4.3 has an integer overflow vulnerability in the packet parsing logic of the SFTP server, which can lead to a heap overflow with attacker-controlled content.

kn32/cve-2024-46483

Pre-Authentication Heap Overflow in Xlight SFTP server <= 3.9.4.2

GitHub