Critical SQL Injection Vulnerability in ProFTPD Allows Remote Code Execution

Critical SQL Injection Vulnerability in ProFTPD Allows Remote Code Execution

First seen 30 Apr 2026, 09:25 UTC GbhackersCybersecuritynewsHeise.Dewww.proftpd.org 89% similarity 74.0

Article Content

Browse articles
ThreatCluster

A critical SQL injection vulnerability, tracked as CVE-2026-42167, has been identified in ProFTPD, a widely used FTP server. This flaw affects the mod_sql extension and has a CVSS severity score of 8.1. Attackers can exploit this vulnerability to bypass authentication, escalate privileges, and potentially execute remote code, depending on server configurations. The vulnerability was discovered by ZeroPath Research and has been publicly disclosed as of April 28, 2026. Security professionals are urged to assess their ProFTPD installations for this flaw and implement necessary mitigations. The risk is particularly high for systems that have not been updated or configured securely. Immediate action is recommended to prevent potential exploitation.

Key Points: • CVE-2026-42167 is a critical SQL injection vulnerability in ProFTPD's mod_sql extension. • The flaw allows for authentication bypass, privilege escalation, and remote code execution. • Security professionals should assess and patch affected ProFTPD installations immediately.

ThreatCluster AI

Timeline

2026-04-28
CVE-2026-42167 published
2026-04-28
First public PoC released
2026-04-30
Articles published detailing the vulnerability

Community

Browse all →