← Back to CVEs
CVE-2020-37067
CRITICAL9.8
Description
Filetto 1.0 FTP server contains a denial of service vulnerability in the FEAT command processing that allows attackers to crash the service. Attackers can send an oversized FEAT command with 11,008 bytes of repeated characters to trigger a buffer overflow and terminate the FTP service.
CVE Details
CVSS v3.1 Score9.8
SeverityCRITICAL
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published2/3/2026
Last Modified2/4/2026
Sourcenvd
Honeypot Sightings0
Weaknesses (CWE)
CWE-770
References
http://www.utillyty.eu(disclosure@vulncheck.com)
https://sourceforge.net/projects/filetto(disclosure@vulncheck.com)
https://www.exploit-db.com/exploits/48503(disclosure@vulncheck.com)
https://www.vulncheck.com/advisories/filetto-feat-denial-of-service(disclosure@vulncheck.com)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.