CVE-2022-50687
Buffer Overflow in Cobian Backup FTP Password Causes DoS
Publication date: 2025-12-22
Last updated on: 2025-12-22
Assigner: VulnCheck
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cobian_backup | cobian_backup | 11.2.0.582 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a local denial of service (DoS) in Cobian Backup 11 Gravity version 11.2.0.582. It occurs because the application does not properly check the size of the input in the FTP password field. An attacker can input a specially crafted 800-byte buffer (an excessively long password string) which causes the application to crash. This is a classic buffer overflow issue affecting the password input field. [1, 2]
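The CWE-120 pattern behind this advisory, shown as an added illustration rather than Cobian Backup's own code: a fixed-size credential slot, an unchecked copy into it, and the hardened setter that measures the input first and refuses anything that does not fit. The 256-byte slot size, the struct layout and the function names are assumptions for the example; the page only states that an 800-byte password crashes the application. The unsafe setter is included for contrast and is never called with oversized input here.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Fixed-size credential slot, as a backup task record might keep for FTP.
 * The capacity is an assumption for this illustration; the advisory does not
 * state the application's real buffer size. */
#define FTP_PASSWORD_CAP 256

struct ftp_task {
    char host[64];
    char password[FTP_PASSWORD_CAP];
};

/* CWE-120 pattern: the input is copied without checking that it fits.
 * A password longer than FTP_PASSWORD_CAP - 1 bytes writes past the end of
 * task->password and corrupts whatever follows it (undefined behaviour; in a
 * GUI application this typically surfaces as a crash, i.e. the DoS described). */
void set_ftp_password_unsafe(struct ftp_task *task, const char *input)
{
    strcpy(task->password, input);
}

/* Hardened form: bound the length measurement to the slot size, reject input
 * that cannot fit together with its NUL terminator, and only then copy.
 * Returning false lets the UI show an error instead of crashing. */
bool set_ftp_password_safe(struct ftp_task *task, const char *input)
{
    /* memchr never reads beyond FTP_PASSWORD_CAP bytes, so an unterminated or
     * oversized input cannot make the measurement itself overrun. */
    const char *end = memchr(input, '\0', FTP_PASSWORD_CAP);
    if (end == NULL) {
        return false;   /* no terminator within the cap: too long for the slot */
    }
    size_t len = (size_t)(end - input);
    memcpy(task->password, input, len);
    task->password[len] = '\0';
    return true;
}

/* Builds a constructed test input of n identical bytes, mirroring the
 * 800-byte string the advisory describes. Returns the length written. */
size_t make_filler(char *out, size_t out_cap, size_t n, char c)
{
    if (n >= out_cap) {
        n = out_cap - 1;
    }
    memset(out, c, n);
    out[n] = '\0';
    return n;
}

/* Reports whether a password of exactly n bytes is accepted by the safe
 * setter; used to show the boundary at FTP_PASSWORD_CAP - 1. */
bool password_of_length_fits(size_t n)
{
    struct ftp_task task = {0};
    char filler[1024];
    make_filler(filler, sizeof filler, n, 'A');
    return set_ftp_password_safe(&task, filler);
}

/* Drives the safe setter with the advisory-style 800-byte input and then a
 * normal password; true when the long one is rejected and the short one is
 * stored intact. */
bool demo_length_check(void)
{
    struct ftp_task task = {0};
    char filler[1024];
    make_filler(filler, sizeof filler, 800, 'A');
    if (set_ftp_password_safe(&task, filler)) {
        return false;   /* an 800-byte password must not be accepted */
    }
    if (!set_ftp_password_safe(&task, "hunter2")) {
        return false;   /* a normal password must still work */
    }
    return strcmp(task.password, "hunter2") == 0;
}

int main(void)
{
    printf("800-byte password rejected, short one stored: %s\n",
           demo_length_check() ? "yes" : "no");
    printf("255-byte password fits: %s\n", password_of_length_fits(255) ? "yes" : "no");
    printf("256-byte password fits: %s\n", password_of_length_fits(256) ? "yes" : "no");
    return 0;
}
```

The defensive point is the order of operations: the hardened setter bounds the length measurement to the slot size before any byte is copied, so the outcome for oversized input is a clean error return rather than memory corruption. The same check belongs in any field that is later stored in a fixed-size structure, not only the password.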
How can this vulnerability impact me?
The impact of this vulnerability is a denial of service condition where the Cobian Backup application crashes when the specially crafted password is input. This disrupts backup operations, potentially causing loss of availability of backup services. Since the attack requires local access and no privileges, an attacker with local access can cause the application to become unavailable, impacting system reliability. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to reproduce the crash locally on the affected system. Specifically, you can run a script that generates an 800-byte string (e.g., 800 'A' characters), copy this string to the clipboard, then open Cobian Backup 11 Gravity, create a new FTP backup task, and paste the long string into the FTP password field. If the application crashes, the vulnerability is present. There are no specific network detection commands since this is a local vulnerability requiring local access. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include avoiding the use of the FTP password input field with excessively long inputs and restricting local access to trusted users only, as the vulnerability requires local access. Monitoring for application crashes when creating or editing FTP backup tasks can help identify exploitation attempts. Applying any available updates or patches from CobianSoft when released is recommended. [2, 3]