9.8
CRITICAL
CVE-2024-46483
Xlight FTP Server SFTP Heap Overflow Vulnerability
Description

Xlight FTP Server <3.9.4.3 has an integer overflow vulnerability in the packet parsing logic of the SFTP server, which can lead to a heap overflow with attacker-controlled content.

INFO

Published Date :

Oct. 22, 2024, 10:15 p.m.

Last Modified :

Oct. 23, 2024, 7:35 p.m.

Remotely Exploitable :

Yes !

Impact Score :

5.9

Exploitability Score :

3.9
Public PoC/Exploit Available at Github

CVE-2024-46483 has a 2 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2024-46483 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

No affected product recoded yet

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2024-46483.

URL Resource
https://github.com/kn32/cve-2024-46483

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Pre-Authentication Heap Overflow in Xlight SFTP server <= 3.9.4.2

Python

Updated: 2 weeks, 3 days ago
12 stars 4 fork 4 watcher
Born at : Oct. 18, 2024, 11:46 a.m. This repo has been linked 1 different CVEs too.

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

security cve exploit poc vulnerability

Updated: 2 weeks, 1 day ago
6566 stars 1140 fork 1140 watcher
Born at : Dec. 8, 2019, 1:03 p.m. This repo has been linked 958 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2024-46483 vulnerability anywhere in the article.

  • Cybersecurity News
Palo Alto Networks Warns of GlobalProtect App Flaw with Public Exploit Code (CVE-2024-5921)

Palo Alto Networks has issued a security advisory warning of a vulnerability in its GlobalProtect app that could allow attackers to install malicious software on endpoints.The vulnerability, identifie ... Read more

Published Date: Nov 26, 2024 (3 weeks, 4 days ago)
  • Cybersecurity News
CISA Sounds the Alarm on Actively Exploited Apple and Oracle Zero-Days

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about three actively exploited vulnerabilities affecting Apple and Oracle products. These flaws, added to CISA’ ... Read more

Published Date: Nov 22, 2024 (4 weeks, 1 day ago)
  • Cybersecurity News
CVE-2024-52940: AnyDesk Vulnerability Exposes User IP Addresses, PoC Published

Image: Ebrahim ShafieiA newly discovered vulnerability in popular remote desktop software AnyDesk could allow attackers to uncover users’ IP addresses, posing significant privacy risks. Security resea ... Read more

Published Date: Nov 21, 2024 (1 month ago)
  • Cybersecurity News
FrostyGoop: New ICS Malware Exploits Modbus TCP Protocol

Recently, Palo Alto Networks has released an in-depth analysis of FrostyGoop, also known as BUSTLEBERM, a sophisticated malware targeting operational technology (OT). This malware gained attention in ... Read more

Published Date: Nov 21, 2024 (1 month ago)
  • Cybersecurity News
CVE-2024-51503: Trend Micro Deep Security Agent RCE Vulnerability Fixed

A recently discovered vulnerability in the Trend Micro Deep Security 20 Agent could have allowed attackers to execute arbitrary code on affected machines. The vulnerability, identified as CVE-2024-515 ... Read more

Published Date: Nov 20, 2024 (1 month ago)
  • Cybersecurity News
Analysis & PoC Exploits Released for Palo Alto Zero-Days – CVE-2024-0012 and CVE-2024-9474

Image: WatchtowrIn a recent analysis, security researcher Sonny from watchTowr unveiled the technical intricacies of two zero-day vulnerabilities affecting Palo Alto Networks’ Next-Generation Firewall ... Read more

Published Date: Nov 20, 2024 (1 month ago)
  • Cybersecurity News
CVE-2024-0012 and CVE-2024-9474: Actively Exploited Vulnerabilities Impact Palo Alto Networks PAN-OS

Palo Alto Networks has issued critical advisories regarding two actively exploited vulnerabilities in their PAN-OS software, posing significant risks to organizations relying on the platform for netwo ... Read more

Published Date: Nov 18, 2024 (1 month ago)
  • Cybersecurity News
Stealc Malware: The Infostealer Targeting Credentials, Crypto Wallets, and More

In a recent analysis, the SonicWall Capture Labs threat research team revealed the insidious capabilities of Stealc, an infostealer malware designed to steal credentials, cryptocurrency, and other sen ... Read more

Published Date: Nov 06, 2024 (1 month, 2 weeks ago)
  • The Cyber Express
New Vulnerabilities in Fortinet, SonicWall, and Grafana Pose Significant Risks

Cyble Research and Intelligence Labs (CRIL) has identified new IT vulnerabilities affecting Fortinet, SonicWall, Grafana Labs, and CyberPanel, among others. The report for the week of October 23-29 hi ... Read more

Published Date: Nov 04, 2024 (1 month, 2 weeks ago)
  • The Cyber Express
Nearly 1 Million Vulnerable Fortinet, SonicWall Devices Exposed to the Web

Nearly 1 million Fortinet and SonicWall devices with actively exploited vulnerabilities are exposed on the internet, according to Cyble’s weekly vulnerability report published today. The report also l ... Read more

Published Date: Nov 01, 2024 (1 month, 2 weeks ago)
  • Cybersecurity News
CVE-2024-38094 Exploited: Attackers Gain Domain Access via Microsoft SharePoint Server

Image: Rapid7A recent report from Rapid7’s Incident Response team reveals a serious compromise of a Microsoft SharePoint server that enabled an attacker to gain entire domain access, impacting critica ... Read more

Published Date: Nov 01, 2024 (1 month, 3 weeks ago)
  • security.nl
Groot aantal Xlight ftp-servers op internet via kritiek lek op afstand over te nemen

Een groot aantal Xlight ftp-servers die vanaf internet benaderbaar zijn bevatten een kritieke kwetsbaarheid waardoor de systemen op afstand door een ongeauthenticeerde aanvaller zijn over te nemen. Da ... Read more

Published Date: Oct 31, 2024 (1 month, 3 weeks ago)

The following table lists the changes that have been made to the CVE-2024-46483 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0

    Oct. 23, 2024

    Action Type Old Value New Value
    Added CWE CISA-ADP CWE-190
    Added CVSS V3.1 CISA-ADP AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • CVE Received by [email protected]

    Oct. 22, 2024

    Action Type Old Value New Value
    Added Description Xlight FTP Server <3.9.4.3 has an integer overflow vulnerability in the packet parsing logic of the SFTP server, which can lead to a heap overflow with attacker-controlled content.
    Added Reference MITRE https://github.com/kn32/cve-2024-46483 [No types assigned]
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-46483 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2024-46483 weaknesses.

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability