CVE-2010-0962

CVE Database · CVE-2010-0962

CVE-2010-0962

· N/AModified

CVSS v3.1

N/A

EPSS

1.25%

Published

Mar 10, 2010

Modified

Apr 28, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The FTP proxy server in Apple AirPort Express, AirPort Extreme, and Time Capsule with firmware 7.5 does not restrict the IP address and port specified in a PORT command from a client, which allows remote attackers to leverage intranet FTP servers for arbitrary TCP forwarding via a crafted PORT command.

Weaknesses (CWE)

CWE-264

Affected Products (3)

apple · airport_expressvulnerable

apple · airport_extremevulnerable

apple · time_capsulevulnerable

References (10)

http://seclists.org/fulldisclosure/2010/Mar/106

http://www.securityfocus.com/archive/1/509867/100/0/threaded

http://www.securityfocus.com/archive/1/509974/100/0/threaded

http://www.securityfocus.com/bid/38543

Exploit