Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2010-20103

A malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed between November 28 and December 2, 2010. The backdoor implements a hidden FTP command trigger that, when invoked, causes the server to execute arbitrary shell commands with root privileges. This allows remote, unauthenticated attackers to run any OS command on the FTP server host.

Published

2025-08-20T16:15:34.137

Last Modified

2025-09-24T17:02:12.460

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses

Type: Secondary
CWE-912

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	proftpd	proftpd	1.3.3	Yes

References

http://www.proftpd.org/ Product ([email protected])
https://advisories.checkpoint.com/defense/advisories/public/2011/cpai-2010-151.html/ Third Party Advisory ([email protected])
https://github.com/proftpd/proftpd Product ([email protected])
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/ftp/proftpd_133c_backdoor.rb Exploit, Third Party Advisory ([email protected])
https://web.archive.org/web/20111107212129/http://rsync.proftpd.org/ Release Notes ([email protected])
https://www.exploit-db.com/exploits/15662 Exploit, VDB Entry ([email protected])
https://www.exploit-db.com/exploits/16921 Exploit, VDB Entry ([email protected])
https://www.vulncheck.com/advisories/proftpd-backdoor-command-execution Third Party Advisory ([email protected])
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/ftp/proftpd_133c_backdoor.rb Exploit, Third Party Advisory (134c704f-9b21-4f2e-91b3-4a467353bcc0)
https://www.exploit-db.com/exploits/15662 Exploit, VDB Entry (134c704f-9b21-4f2e-91b3-4a467353bcc0)
https://www.exploit-db.com/exploits/16921 Exploit, VDB Entry (134c704f-9b21-4f2e-91b3-4a467353bcc0)