CVE Database · CVE-2012-2532
CVSS v3.1
N/A
EPSS
41.97%
Published
Nov 13, 2012
Modified
Apr 28, 2026
Public PoC / Exploit (1)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) processes unspecified commands before TLS is enabled for a session, which allows remote attackers to obtain sensitive information by reading the replies to these commands, aka "FTP Command Injection Vulnerability."
Weaknesses (CWE)
Affected Products (26)
References (6)
