An unauthenticated stack-based buffer overflow vulnerability in common.c's handle_PORT in uftpd FTP server versions 2.10 and earlier can be abused to cause a crash and could potentially lead to remote code execution.
[
{
"id": "CVE-2020-20276-a2bfc361",
"target": {
"file": "src/ftpcmd.c"
},
"signature_version": "v1",
"source": "https://github.com/troglobit/uftpd/commit/0fb2c031ce0ace07cc19cd2cb2143c4b5a63c9dd",
"signature_type": "Line",
"digest": {
"line_hashes": [
"305627866150381828683865241657895014322",
"12937131316666879073544403319990601086",
"173866264394877993175631420443797992491",
"250823014807152732547613692800473923267"
],
"threshold": 0.9
},
"deprecated": false
},
{
"id": "CVE-2020-20276-d12c122b",
"target": {
"function": "handle_PORT",
"file": "src/ftpcmd.c"
},
"signature_version": "v1",
"source": "https://github.com/troglobit/uftpd/commit/0fb2c031ce0ace07cc19cd2cb2143c4b5a63c9dd",
"signature_type": "Function",
"digest": {
"function_hash": "73284893654735530245356761491877463198",
"length": 898.0
},
"deprecated": false
}
]
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-20276.json"
"2026-04-11T12:40:14Z"