Home

Description

A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by providing an arbitrary IP address and port in its passive mode (PASV) response. The client unconditionally trusts this information and attempts to connect to the specified endpoint, allowing the malicious server to probe for open ports accessible from the client's network.

PUBLISHED Reserved 2026-02-26 | Published 2026-02-26 | Updated 2026-02-26 | Assigner redhat




MEDIUM: 4.3CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Problem types

Server-Side Request Forgery (SSRF)

Product status

Default status
affected

Default status
affected

Default status
affected

Default status
affected

Default status
affected

Timeline

2026-02-26:Reported to Red Hat.
2026-02-26:Made public.

Credits

Red Hat would like to thank Codean Labs for reporting this issue.

References

access.redhat.com/security/cve/CVE-2026-28295 vdb-entry

bugzilla.redhat.com/show_bug.cgi?id=2443004 (RHBZ#2443004) issue-tracking

cve.org (CVE-2026-28295)

nvd.nist.gov (CVE-2026-28295)

Download JSON