CVE-2026-42167 | ProFTPD up to 1.3.9 mod_sql User Remote Code Execution (ID 2052)

A vulnerability marked as critical has been reported in ProFTPD up to 1.3.9. The affected element is an unknown function of the component mod_sql. This manipulation of the argument User causes Remote Code Execution.

This vulnerability is handled as CVE-2026-42167. The attack can be initiated remotely. There is not any exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More