kn32/cve-2024-46483

Releases0

Stars12

Pre-Authentication Heap Overflow in Xlight SFTP server <= 3.9.4.2

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-46483 ↗	Oct 22, 2024Tuesday, 22 October 2024, 22:15	9.8 CRITICAL	—
Xlight FTP Server <3.9.4.3 has an integer overflow vulnerability in the packet parsing logic of the SFTP server, which can lead to a heap overflow with attacker-controlled content.