Vulnerabilities ›

CVE-2026-28295

Medium

CWE-918 — Weakness Type

                    Published: Feb 26, 2026                      ·  Modified: Mar 5, 2026                      ·  Source: NVD                

CVSS v3

4.3

🔗 NVD Official

📄 Description (English)

A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by providing an arbitrary IP address and port in its passive mode (PASV) response. The client unconditionally trusts this information and attempts to connect to the specified endpoint, allowing the malicious server to probe for open ports accessible from the client's network.

🤖 AI Executive Summary

A vulnerability in FTP GVfs backend allows malicious FTP servers to manipulate passive mode responses, enabling port scanning of the client's network. The flaw stems from insufficient validation of server-provided IP addresses and ports in PASV responses.

📄 Description (Arabic)

تم اكتشاف ثغرة في خادم FTP GVfs حيث يمكن لخادم FTP ضار استغلال آلية الوضع السلبي (PASV) بتقديم عنوان IP ومنفذ تعسفيين. يثق العميل بهذه المعلومات دون التحقق منها، مما يسمح بمسح المنافذ المفتوحة في شبكة العميل.

🤖 ملخص تنفيذي (AI)

🤖 AI Intelligence Analysis Analyzed: May 30, 2026 07:26

🇸🇦 Saudi Arabia Impact Assessment

Saudi Relevance: medium

🏢 Affected Saudi Sectors

government banking telecom

🎯 MITRE ATT&CK Techniques

T1046 T1040

⚖️ Saudi Risk Score (AI)

5.0

/ 10.0

🔧 Remediation Steps (English)

Update GVfs to the latest patched version that validates FTP PASV responses. Implement network segmentation to restrict FTP client access to trusted servers only. Monitor FTP connections for suspicious PASV responses with unexpected IP addresses or ports.

🔧 خطوات المعالجة (العربية)

قم بتحديث GVfs إلى أحدث إصدار مصحح يتحقق من استجابات FTP PASV. قم بتنفيذ تقسيم الشبكة لتقييد وصول عميل FTP إلى الخوادم الموثوقة فقط. راقب اتصالات FTP للكشف عن استجابات PASV المريبة ذات عناوين IP أو منافذ غير متوقعة.

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

5.1 5.2

🔵 SAMA CSF

ID.RA-2 PR.DS-2

🟡 ISO 27001:2022

A.13.1.1 A.13.2.1

🔗 References & Sources 2

🔗

https://access.redhat.com/security/cve/CVE-2026-28295

secalert@redhat.com

🔗

https://bugzilla.redhat.com/show_bug.cgi?id=2443004

secalert@redhat.com

📊 CVSS Score

4.3

/ 10.0 — Medium

📊 CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Attack VectorN — None / Network

Attack ComplexityL — Low / Local

Privileges RequiredN — None / Network

User InteractionR — Required

ScopeU — Unchanged

ConfidentialityL — Low / Local

IntegrityN — None / Network

AvailabilityN — None / Network

📋 Quick Facts

Severity Medium

CVSS Score4.3

CWECWE-918

Exploit No

Patch ✗ No

Published 2026-02-26

Source Feed nvd

🇸🇦 Saudi Risk Score

5.0

/ 10.0 — Saudi Risk

Priority: MEDIUM

🏷️ Tags

CWE-918

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

💬 Comments

Loading comments

CVE-2026-28295

💬 Comments

Introduce Yourself

Sign In Required