Heap-Based Buffer Overflow in ProFTPD mod_sftp Affects Authenticated Users
CVE-2026-53994

7.7HIGH

Key Information:

Status
Vendor
CVE Published:
18 July 2026

What is CVE-2026-53994?

The ProFTPD mod_sftp module contains a vulnerability that allows authenticated SFTP users to exploit a heap-based buffer overflow. This occurs during the processing of SFTP packets where the fxp_packet_read() function fails to perform minimum sanity checks on the length of attacker-supplied packets. An attacker can send a specifically crafted packet with a length of zero, triggering an unsigned integer underflow. Consequently, this results in a request for an oversized memory allocation, ultimately leading to a buffer overflow condition. The exploitation of this vulnerability allows authenticated users to crash the ProFTPD session or potentially cause heap metadata corruption, which could have broader implications beyond just a denial of service scenario.

Affected Version(s)

ProFTPD 0

References

CVSS V4

Score:
7.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

devnull445
.