Home

Description

SmartFTP Client 10.0.2909.0 contains multiple denial of service vulnerabilities that allow attackers to crash the application through specific input manipulation. Attackers can trigger crashes by entering malformed paths, using invalid IP addresses, or clearing connection history in the client's interface.

PUBLISHED Reserved 2026-01-14 | Published 2026-01-15 | Updated 2026-01-16 | Assigner VulnCheck




MEDIUM: 4.6CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Problem types

Allocation of Resources Without Limits or Throttling

Product status

10.0.2909.0 (32 and 64 bit)
affected

Credits

Eric Salario finder

References

www.exploit-db.com/exploits/50266 exploit

www.exploit-db.com/exploits/50266 (ExploitDB-50266) exploit

www.smartftp.com/en-us/ (SmartFTP Official Homepage) product

www.smartftp.com/en-us/download (SmartFTP Download Page) product

www.vulncheck.com/...rtftp-client-multiple-denial-of-service (VulnCheck Advisory: SmartFTP Client 10.0.2909.0 - 'Multiple' Denial of Service) third-party-advisory

cve.org (CVE-2021-47791)

nvd.nist.gov (CVE-2021-47791)

Download JSON