Vulnerabilities ›

CVE-2026-28296

Medium

A flaw was found in the FTP GVfs backend. A remote attacker could exploit this input validation vulnerability by supplying specially crafted file paths containing carriage return and line feed (CRLF)

CWE-93 — Weakness Type

                    Published: Feb 26, 2026                      ·  Modified: Mar 5, 2026                      ·  Source: NVD                

CVSS v3

4.3

🔗 NVD Official

📄 Description (English)

A flaw was found in the FTP GVfs backend. A remote attacker could exploit this input validation vulnerability by supplying specially crafted file paths containing carriage return and line feed (CRLF) sequences. These unsanitized sequences allow the attacker to terminate intended FTP commands and inject arbitrary FTP commands, potentially leading to arbitrary code execution or other severe impacts.

🤖 AI Executive Summary

CVE-2026-28296 is a CRLF injection vulnerability in the FTP GVfs backend that allows remote attackers to inject arbitrary FTP commands through specially crafted file paths. This could lead to arbitrary code execution or unauthorized access to FTP-connected systems.

📄 Description (Arabic)

تم اكتشاف ثغرة في خادم FTP GVfs تسمح بحقن أوامر FTP عشوائية من خلال مسارات ملفات مصنوعة بعناية تحتوي على تسلسلات CRLF. يمكن للمهاجمين البعيدين استغلال هذه الثغرة لتنفيذ أوامر تعسفية أو الوصول غير المصرح به إلى الأنظمة المتصلة بـ FTP.

🤖 ملخص تنفيذي (AI)

A CRLF injection flaw exists in FTP GVfs backend allowing remote attackers to inject malicious FTP commands via crafted file paths. This vulnerability could enable arbitrary code execution and compromise system security.

🤖 AI Intelligence Analysis Analyzed: May 30, 2026 07:26

🇸🇦 Saudi Arabia Impact Assessment

Saudi Relevance: medium

🏢 Affected Saudi Sectors

government banking telecom energy

🎯 MITRE ATT&CK Techniques

T1190 T1059 T1021.004

⚖️ Saudi Risk Score (AI)

7.0

/ 10.0

🔧 Remediation Steps (English)

Update the FTP GVfs backend to the latest patched version immediately. Implement input validation and sanitization for all file paths to remove or escape CRLF sequences. Restrict FTP access to trusted networks only and monitor FTP command logs for suspicious activity.

🔧 خطوات المعالجة (العربية)

قم بتحديث خادم FTP GVfs إلى أحدث إصدار مصحح فوراً. طبق التحقق من صحة المدخلات وتنظيفها لجميع مسارات الملفات لإزالة أو تجاوز تسلسلات CRLF. قيد الوصول إلى FTP على الشبكات الموثوقة فقط ومراقبة سجلات أوامر FTP للنشاط المريب.

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

4.1.1 4.2.1 4.3.1

🔵 SAMA CSF

ID.GV-2 PR.AC-1 PR.DS-2

🟡 ISO 27001:2022

A.12.2.1 A.13.1.1 A.14.2.1

🔗 References & Sources 2

🔗

https://access.redhat.com/security/cve/CVE-2026-28296

secalert@redhat.com

🔗

https://bugzilla.redhat.com/show_bug.cgi?id=2443003

secalert@redhat.com

📊 CVSS Score

4.3

/ 10.0 — Medium

📊 CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Attack VectorN — None / Network

Attack ComplexityL — Low / Local

Privileges RequiredN — None / Network

User InteractionR — Required

ScopeU — Unchanged

ConfidentialityL — Low / Local

IntegrityN — None / Network

AvailabilityN — None / Network

📋 Quick Facts

Severity Medium

CVSS Score4.3

CWECWE-93

Exploit No

Patch ✗ No

Published 2026-02-26

Source Feed nvd

🇸🇦 Saudi Risk Score

7.0

/ 10.0 — Saudi Risk

Priority: HIGH

🏷️ Tags

CWE-93

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

💬 Comments

Loading comments

CVE-2026-28296

💬 Comments

Introduce Yourself

Sign In Required