CVE-2023-53886
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-15

Last updated on: 2025-12-18

Assigner: VulnCheck

Description
Xlight FTP Server 3.9.3.6 contains a stack buffer overflow vulnerability in the 'Execute Program' configuration that allows attackers to crash the application. Attackers can trigger the vulnerability by inserting 294 characters into the program execution configuration, causing a denial of service condition.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-15
Last Modified
2025-12-18
Generated
2026-06-16
AI Q&A
2025-12-15
EPSS Evaluated
2026-06-15
NVD
CVE-2023-53886
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
xlightftpd xlight_ftp_server 3.9.3.6
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2023-53886 is a stack-based buffer overflow vulnerability in Xlight FTP Server version 3.9.3.6. It occurs in the 'Execute Program' configuration feature, where an attacker can input 294 characters into the program execution configuration, causing the buffer to overflow. This overflow crashes the application, resulting in a denial of service (DoS) condition. The vulnerability requires local access with low privileges and user interaction to be triggered. [2, 3]

Impact Analysis

This vulnerability can cause the Xlight FTP Server application to crash, leading to a denial of service (DoS) condition. This means legitimate users may be unable to access the FTP service while the server is down, potentially disrupting business operations that rely on file transfers. [2, 3]

Detection Guidance

This vulnerability can be detected by checking the 'Execute a Program after user logged in' configuration in Xlight FTP Server version 3.9.3.6 for the presence of an input string of 294 characters, which triggers the stack buffer overflow. A practical detection method is to review the server configuration for this setting and verify if such an excessively long string is present. Additionally, monitoring for crashes or denial of service conditions related to the FTP server may indicate exploitation attempts. There is a proof-of-concept Python script that generates an 'exploit.txt' file containing the overflow string, which can be used in a controlled environment to test the vulnerability. Specific commands are not provided in the resources. [2, 3]

Mitigation Strategies

Immediate mitigation steps include avoiding the use of the vulnerable 'Execute Program' configuration feature with inputs exceeding normal length (specifically avoiding inputs of 294 characters or more). Updating the Xlight FTP Server to a version later than 3.9.3.6, such as the latest version 3.9.4.6, is recommended to address this vulnerability. Additionally, monitoring the server for crashes and restricting local access to trusted users can reduce the risk of exploitation. [1, 2, 3]

Compliance Impact

The provided resources do not contain information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53886. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart