Format String Vulnerability in ABB IDAL FTP Server
CVE-2019-7230 · HIGH Severity
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
The ABB IDAL FTP server mishandles format strings in a username during the authentication process. Attempting to authenticate with the username %s%p%x%d will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack.
Learn more about our Cis Benchmark Audit For Server Software.