smartftp CVE Vulnerabilities & Metrics

About smartftp Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with smartftp. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Critical smartftp CVEs (CVSS ≥ 9) Over 20 Years

Top 5 Highest CVSS smartftp CVEs

These are the five CVEs with the highest CVSS scores for smartftp, sorted by severity first and recency.

• CVE-2010-4871 smartftp Published on 07 Oct 2011, 10:55 UTC (CVSS: 10.0)
  Unspecified vulnerability in SmartFTP before 4.0 Build 1142 allows attackers to have an unknown impact via a long filename.
• CVE-2007-0790 smartftp Published on 06 Feb 2007, 19:28 UTC (CVSS: 7.5)
  Heap-based buffer overflow in SmartFTP 2.0.1002 allows remote FTP servers to execute arbitrary code via a large banner.
• CVE-2010-5219 smartftp Published on 06 Sep 2012, 10:41 UTC (CVSS: 6.9)
  Untrusted search path vulnerability in SmartFTP 4.0.1140.0 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .txt, .html, or .mpg file. NOTE: some of these details are obtained from third party information.
• CVE-2021-47791 smartftp Published on 16 Jan 2026, 00:16 UTC (CVSS: 0)
  SmartFTP Client 10.0.2909.0 contains multiple denial of service vulnerabilities that allow attackers to crash the application through specific input manipulation. Attackers can trigger crashes by entering malformed paths, using invalid IP addresses, or clearing connection history in the client's interface.

All CVEs for smartftp