CVE-2024-1016

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jan 29, 2024

Updated: May 17, 2024

CWE ID 404

Summary

CVE-2024-1016 is a recently disclosed vulnerability affecting Solar FTP Server versions 2.1.1 and 2.1.2. The issue lies within the PASV Command Handler and has been identified as a denial-of-service (DoS) vulnerability. An attacker can exploit this remotely, leading to service interruption. The specific code causing the problem remains unknown, but the exploit has been made public, increasing the risk. To mitigate this threat, it is strongly advised to install the available patch. Vulnerability database VDB assigns the identifier VDB-252286 to this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uUuFVO
https://www.cve.org/CVERecord?id=CVE-2024-1016
https://nvd.nist.gov/vuln/detail/CVE-2024-1016

Back to Vulnerability Database

CVE-2024-1016

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations