What is CVE-2010-20103?

CVE-2010-20103 is a vulnerability in Proftpd Project (Professional Ftp Daemon), classified under Hidden Functionality. Published 2025-08-20.

Is CVE-2010-20103 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Proftpd Project (Professional Ftp Daemon)

CVE-2010-20103

A malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed between November 28 and December 2, 2010. The backdoor implements a hidden FTP command trigger that, when invoked, causes the server to execute arb…

EPSS: 0.851 (99.4th percentile) — read the EPSS interpretation.

Affected products

Proftpd Project (Professional Ftp Daemon) — versions 1.3.3c

Weakness classification (CWE)

CWE-912 — Hidden Functionality

Public proof-of-concept exploits

rapid7/metasploit-framework

References

web.archive.org/web/20111107212129/http://rsync.proftpd.org/ (vendor-advisory, patch)
raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/u… (exploit)
www.exploit-db.com/exploits/15662 (exploit)
www.exploit-db.com/exploits/16921 (exploit)
advisories.checkpoint.com/defense/advisories/public/2011/cpai-2010-151.html/ (third-party-advisory)
github.com/proftpd/proftpd (product)
www.proftpd.org/ (product)
www.vulncheck.com/advisories/proftpd-backdoor-command-execution (third-party-advisory)

Frequently asked questions

What is CVE-2010-20103?: CVE-2010-20103 is a vulnerability in Proftpd Project (Professional Ftp Daemon), classified under Hidden Functionality. Published 2025-08-20.
Is CVE-2010-20103 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.