cvedb.io
CVE-2022-46378
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2023-05-10T16:15:10.413 · Last modified 2026-06-17T05:11:39.430

Summary

An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of Weston Embedded uC-FTPs v 1.98.00. A specially-crafted set of network packets can lead to denial of service. An attacker can send packets to trigger this vulnerability.This vulnerability occurs when no port argument is provided to the `PORT` command.

Affected products

weston-embedded — uc-ftps

Does this affect you?

Add your gear to cvedb and we'll alert you only when weston-embedded ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.