CVE-2010-20103: ProFTPD 1.3.3c Backdoor Command Execution

Q: What is the severity of CVE-2010-20103?

CVE-2010-20103 is considered a critical vulnerability due to the potential for arbitrary command execution with root privileges.

Q: How do I fix CVE-2010-20103?

To fix CVE-2010-20103, upgrade to a secure version of ProFTPD that is not affected by this vulnerability.

Q: What versions of ProFTPD are affected by CVE-2010-20103?

ProFTPD version 1.3.3c distributed between November 28 and December 2, 2010, is affected by CVE-2010-20103.

Q: What does the backdoor in CVE-2010-20103 allow an attacker to do?

The backdoor allows an attacker to execute arbitrary shell commands with root privileges on the affected server.

Q: How was the backdoor in CVE-2010-20103 introduced?

The backdoor was embedded in the official ProFTPD 1.3.3c source tarball during its distribution.

Published Aug 20, 2025

Updated

A malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed between November 28 and December 2, 2010. The backdoor implements a hidden FTP command trigger that, when invoked, causes the server to execute arbitrary shell commands with root privileges. This allows remote, unauthenticated attackers to run any OS command on the FTP server host.

Affected Software

2 affected components

ProFTPD ProFTPD>=1.3.3c<=1.3.3c

ProFTPD ProFTPD=1.3.3-c

Event History

Aug 20, 2025

CVE Published

via MITRE·03:38 PM

Data Sourced

via MITRE·03:38 PM

DescriptionWeakness

Data Sourced

via NVD·04:15 PM

DescriptionSeverityWeaknessAffected Software

Frequently Asked Questions

What is the severity of CVE-2010-20103?

CVE-2010-20103 is considered a critical vulnerability due to the potential for arbitrary command execution with root privileges.

How do I fix CVE-2010-20103?

To fix CVE-2010-20103, upgrade to a secure version of ProFTPD that is not affected by this vulnerability.

What versions of ProFTPD are affected by CVE-2010-20103?

ProFTPD version 1.3.3c distributed between November 28 and December 2, 2010, is affected by CVE-2010-20103.

What does the backdoor in CVE-2010-20103 allow an attacker to do?

The backdoor allows an attacker to execute arbitrary shell commands with root privileges on the affected server.

How was the backdoor in CVE-2010-20103 introduced?

The backdoor was embedded in the official ProFTPD 1.3.3c source tarball during its distribution.

CVSS Score

9.3Critical

Critical Severity

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Security Metrics

Risk Score86

Severitycritical(9.8)

CWE

912

Timeline

PublishedAug 20, 2025

Updated

References

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.