Opened 5 years ago

Last modified 5 years ago

#11773 moreinfo Bug report

FileZilla 3.33

Reported by: Kağan Çapar Owned by:
Priority: low Component: FileZilla Client
Keywords: Cc:
Component version: 3.33 Operating system type: Linux
Operating system version: Kali Linux 2018.3_x64


Hello, I'm Kağan, Vulnerability Reasearcher. I found vulnerability Filezilla 3.33 on Kali Linux 2018.3 x64 and I just published proof-of-concept type exploit-db but I managed to write shell code. If this version works with root authority, the authority can be priv-esc. You should know that I did not public. Also, vulnerability is not working Windows OS.

Good luck, I love filezilla!

Click :

Attachments (1)

Screenshot from 2018-10-10 05-28-09.png (130.6 KB ) - added by Kağan Çapar 5 years ago.

Download all attachments as: .zip

Change History (3)

by Kağan Çapar, 5 years ago


comment:1 by Tim Kosse, 5 years ago

Status: newmoreinfo

This doesn't appear to be a bug in FileZilla itself but rather one of the libraries it depends on.

Which version of wxWidgets is FileZilla linked against? Which version of GTK+ is wxWidgets in turn linked against?

comment:2 by Kağan Çapar, 5 years ago

Priority: criticallow
Summary: FileZilla 3.33 Buffer-Overflow (PoC)FileZilla 3.33


Note: See TracTickets for help on using tickets.