Vulnerability CVE-2022-41985


Published: 2023-05-10

Description:
An authentication bypass vulnerability exists in the Authentication functionality of Weston Embedded uC-FTPs v 1.98.00. A specially crafted set of network packets can lead to authentication bypass and denial of service. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.

Type:

CWE-303

(Incorrect Implementation of Authentication Algorithm)

 References:
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1680
https://github.com/weston-embedded/uC-FTPs/pull/1

Copyright 2024, cxsecurity.com

 

Back to Top