Home

Description

Fetch FTP Client 5.8.2 contains a denial of service vulnerability that allows attackers to trigger 100% CPU consumption by sending long server responses. Attackers can send specially crafted FTP server responses exceeding 2K bytes to cause excessive resource utilization and potentially crash the application.

PUBLISHED Reserved 2025-12-27 | Published 2025-12-30 | Updated 2025-12-30 | Assigner VulnCheck




HIGH: 7.1CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Problem types

Allocation of Resources Without Limits or Throttling

Product status

5.8
affected

Credits

LiquidWorm as Gjoko Krstic of Zero Science Lab finder

References

www.exploit-db.com/exploits/50696 (ExploitDB-50696) exploit

www.fetchsoftworks.com (Fetch Softworks Product Homepage) product

www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5696.php (Zero Science Lab Disclosure (ZSL-2022-5696)) third-party-advisory

www.vulncheck.com/...emote-cpu-consumption-denial-of-service (VulnCheck Advisory: Fetch Softworks Fetch FTP Client 5.8.2 Remote CPU Consumption Denial of Service) third-party-advisory

cve.org (CVE-2022-50799)

nvd.nist.gov (CVE-2022-50799)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.