Browse all 3 CVE security advisories affecting Xlightftpd. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Xlightftpd serves as a Windows-based FTP server primarily used for file transfer and sharing operations. Historically, it has been vulnerable to multiple remote code execution flaws, cross-site scripting vulnerabilities, and privilege escalation issues, with three CVEs currently documented. The application has faced security concerns related to insufficient input validation and improper access controls, which could allow attackers to execute arbitrary code or gain elevated privileges. While no major public security incidents have been widely reported, the consistent presence of vulnerabilities in older versions highlights the importance of maintaining current patches and implementing proper network segmentation when deploying this file transfer solution.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-53886 | Xlight FTP Server 3.9.3.6 Stack Buffer Overflow Vulnerability via Execute Program — Xlight FTP ServerCWE-121 | 7.5AI | HighAI | 2025-12-15 |
| CVE-2024-0737 | Xlightftpd Xlight FTP Server Login denial of service — Xlight FTP ServerCWE-404 | 5.3 | Medium | 2024-01-19 |
This page lists every published CVE security advisory associated with Xlightftpd. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.