Netwin Surgeftp
4 CVEs affecting Netwin Surgeftp. Latest disclosed: 2025-08-05. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-17933 | Medium | 6.1 | 2017-12-29 | cgi/surgeftpmgr.cgi (aka the Web Manager interface on TCP port 7021 or 9021) in NetWin SurgeFTP version 23f2 has XSS via the classid, domainid, or username par… |
CVE-2012-10028 | | 2025-08-05 | Netwin SurgeFTP version 23c8 and prior contains a vulnerability in its web-based administrative console that allows authenticated users to execute arbitrary sy… | |
CVE-2013-4742 | | 2013-08-09 | Buffer overflow in NetWin SurgeFTP before 23d2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long strin… | |
CVE-2010-1068 | | 2010-03-23 | Multiple cross-site scripting (XSS) vulnerabilities in surgeftpmgr.cgi in NetWin SurgeFTP 2.3a6 allow remote attackers to inject arbitrary web script or HTML v… |