hfiref0x/LightFTP

hfiref0x/LightFTP

Releases7

Frequency1 year 6 months

Last Release almost 2 years ago

Stars278

Small x86-32/x64 FTP Server

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-65403 ↗	Dec 1, 2025Monday, 1 December 2025, 16:15	6.5 MEDIUM	—
A buffer overflow in the g_cfg.MaxUsers component of LightFTP v2.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2023-24042 ↗	Jan 21, 2023Saturday, 21 January 2023, 02:15	7.5 HIGH	—
A race condition in LightFTP through 2.2 allows an attacker to achieve path traversal via a malformed FTP request. A handler thread can use an overwritten context->FileName.
CVE-2017-1000218 ↗	Nov 17, 2017Friday, 17 November 2017, 00:29	—	7.5 HIGH
LightFTP version 1.1 is vulnerable to a buffer overflow in the "writelogentry" function resulting a denial of services or a remote code execution.