Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-40524 PoC — Pure-FTPd 代码问题漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/network/cves/2021/CVE-2021-40524.yaml
Associated Vulnerability
Title:Pure-FTPd 代码问题漏洞 (CVE-2021-40524)
Description:In Pure-FTPd before 1.0.50, an incorrect max_filesize quota mechanism in the server allows attackers to upload files of unbounded size, which may lead to denial of service or a server hang. This occurs because a certain greater-than-zero test does not anticipate an initial -1 value. (Versions 1.0.23 through 1.0.49 are affected.)
Description
Pure-FTPd versions 1.0.23 through 1.0.49 contain an arbitrary file upload vulnerability due to max_filesize quota issue, allowing large or unbounded file uploads that can cause server hang or resource exhaustion.
File Snapshot

 id: CVE-2021-40524

info:
  name: Pure-FTPd 1.0.23 < 1.0.50 - Arbitrary File Upload
  author: pussyc

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →