CVE-2010-20045

CVSS

No CVSS.

F

ileWrangler <= 5.30 suffers from a stack-based buffer overflow vulnerability when parsing directory listings from an FTP server. A malicious server can send an overlong folder name in response to a LIST command, triggering memory corruption during client-side rendering. Exploitation requires passive user interaction—simply connecting to the server—without further input. Successful exploitation may lead to arbitrary code execution.

References

Link	Resource
https://cursorarts.com/ca_fw.html
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/filewrangler_list_reply.rb
https://web.archive.org/web/20111016194057/https://www.corelan.be/index.php/2010/10/12/death-of-an-ftp-client/
https://www.exploit-db.com/exploits/16721
https://www.vulncheck.com/advisories/filewrangler-stack-buffer-overflow

Configurations

No configuration.

History

22 Aug 2025, 18:09

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-20 16:15

Updated : 2025-08-22 18:09

NVD link : CVE-2010-20045

Mitre link : CVE-2010-20045

CVE.ORG link : CVE-2010-20045

JSON object : View

Products Affected

No product.

CWE

CWE-121

Stack-based Buffer Overflow

{"id": "CVE-2010-20045", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.5, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-08-20T16:15:33.597", "references": [{"url": "https://cursorarts.com/ca_fw.html", "source": "[email protected]"}, {"url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/filewrangler_list_reply.rb", "source": "[email protected]"}, {"url": "https://web.archive.org/web/20111016194057/https://www.corelan.be/index.php/2010/10/12/death-of-an-ftp-client/", "source": "[email protected]"}, {"url": "https://www.exploit-db.com/exploits/16721", "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/filewrangler-stack-buffer-overflow", "source": "[email protected]"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "FileWrangler <= 5.30 suffers from a stack-based buffer overflow vulnerability when parsing directory listings from an FTP server. A malicious server can send an overlong folder name in response to a LIST command, triggering memory corruption during client-side rendering. Exploitation requires passive user interaction\u2014simply connecting to the server\u2014without further input. Successful exploitation may lead to arbitrary code execution."}, {"lang": "es", "value": "FileWrangler <= 5.30 sufre una vulnerabilidad de desbordamiento de b\u00fafer en la pila al analizar listados de directorios desde un servidor FTP. Un servidor malicioso puede enviar un nombre de carpeta demasiado largo en respuesta a un comando LIST, lo que provoca corrupci\u00f3n de memoria durante la renderizaci\u00f3n del lado del cliente. Su explotaci\u00f3n requiere la interacci\u00f3n pasiva del usuario (simplemente conect\u00e1ndose al servidor) sin necesidad de intervenci\u00f3n adicional. Una explotaci\u00f3n exitosa puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario."}], "lastModified": "2025-08-22T18:09:17.710", "sourceIdentifier": "[email protected]"}