CVE-2013-2278

critical

Published 2014-04-01 · Modified 2026-05-06

CVSS v3

—

CVSS v2

10.0

VIR risk

10.0

Description

Unspecified vulnerability in War FTP Daemon (warftpd) 1.82, when running as a Windows service, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to log messages and the "internal log handler to the Windows Event log."

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://www.warftp.org/index.php?cmd=show_article&article_id=1035

Application impact

Vendor	Product	Versions	Fixed
jgaa	warftpd	`1.8.2`

References

http://www.securityfocus.com/archive/1/525830
http://www.warftp.org/index.php?cmd=show_article&article_id=1035
http://www.securityfocus.com/archive/1/525830
http://www.warftp.org/index.php?cmd=show_article&article_id=1035

Verify integrity in audit chain (admin only). AS-IS.