6.6 Medium
AI Score
Confidence
Low
0.125 Low
EPSS
Percentile
95.5%
wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.
www.debian.org/security/2003/dsa-377