CVE-2026-42167 | ProFTPD up to 1.3.9 mod_sql User Remote Code Execution (ID 2052)

Inserito da Angelo Barbosa | Apr 29, 2026 | CVE

A vulnerability marked as critical has been reported in ProFTPD up to 1.3.9. The affected element is an unknown function of the component mod_sql. This manipulation of the argument User causes Remote Code Execution.

This vulnerability is handled as CVE-2026-42167. The attack can be initiated remotely. There is not any exploit available.

It is suggested to upgrade the affected component.

CVE-2026-42167 | ProFTPD up to 1.3.9 mod_sql User Remote Code Execution (ID 2052)

Post correlati

CVE-2024-58238 | Linux Kernel up to 6.6.48 Bluetooth btnxpuart_queue_skb iteration

CVE-2026-34990 | OpenPrinting CUPS up to 2.4.16 on Linux IPP Service /admin/ improper authentication

CVE-2025-49753 | Microsoft Windows Server 2008 R2 SP1 up to Server 2022 23H2 Routing/Remote Access Service heap-based overflow

CVE-2024-51327 | projectworlds Travel Management System 1.0 loginform.php username/password sql injection