Every CVE whose affected-product data names Monstaftp Monsta Ftp, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2020-14056 — CVSS 9.8 (critical): Monsta FTP 2.10.1 or below is prone to a server-side request forgery vulnerability due to insufficient restriction of the web fetch…
CVE-2020-14057 — CVSS 9.8 (critical): Monsta FTP 2.10.1 or below allows external control of paths used in filesystem operations. This allows attackers to read and write…
CVE-2022-27468 — CVSS 9.8 (critical): Monstaftp v2.10.3 was discovered to contain an arbitrary file upload which allows attackers to execute arbitrary code via a crafted file…
CVE-2025-34299 — CVSS 9.8 (critical): Monsta FTP versions 2.11 and earlier contain a vulnerability that allows unauthenticated arbitrary file uploads. This flaw enables…
CVE-2020-14055 — CVSS 6.1 (medium): Monsta FTP 2.10.1 or below is prone to a stored cross-site scripting vulnerability in the language setting due to insufficient output…