CVE-2024-0737

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jan 19, 2024

Updated: May 17, 2024

CWE ID 404

Summary

CVE-2024-0737 is a newly identified vulnerability affecting Xlight FTP Server 1.1's Login component. This issue is classified as problematic, as it allows for a denial-of-service (DoS) attack via manipulation of the user argument. The exploit can be initiated remotely, and the vulnerability has been disclosed to the public, potentially increasing the risk of attacks. The exact code affected is unknown, but the impact is significant enough to warrant immediate attention from Xlightftpd users.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uNHtoi
https://www.cve.org/CVERecord?id=CVE-2024-0737
https://nvd.nist.gov/vuln/detail/CVE-2024-0737

Back to Vulnerability Database

CVE-2024-0737

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations