{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2022-50799", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2025-12-27T13:53:29.754Z", "datePublished": "2025-12-30T22:41:40.340Z", "dateUpdated": "2026-01-02T19:47:21.277Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2025-12-30T22:41:40.340Z"}, "datePublic": "2022-01-27T00:00:00.000Z", "title": "Fetch Softworks Fetch FTP Client 5.8.2 Remote CPU Consumption Denial of Service", "descriptions": [{"lang": "en", "value": "Fetch FTP Client 5.8.2 contains a denial of service vulnerability that allows attackers to trigger 100% CPU consumption by sending long server responses. Attackers can send specially crafted FTP server responses exceeding 2K bytes to cause excessive resource utilization and potentially crash the application."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Allocation of Resources Without Limits or Throttling", "cweId": "CWE-770", "type": "CWE"}]}], "affected": [{"vendor": "Fetch Softworks", "product": "Fetch Softworks Fetch FTP Client", "versions": [{"version": "5.8", "status": "affected"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 7.1, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.exploit-db.com/exploits/50696", "name": "ExploitDB-50696", "tags": ["exploit"]}, {"url": "https://www.fetchsoftworks.com", "name": "Fetch Softworks Product Homepage", "tags": ["product"]}, {"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5696.php", "name": "Zero Science Lab Disclosure (ZSL-2022-5696)", "tags": ["third-party-advisory"]}, {"name": "VulnCheck Advisory: Fetch Softworks Fetch FTP Client 5.8.2 Remote CPU Consumption Denial of Service", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/fetch-softworks-fetch-ftp-client-remote-cpu-consumption-denial-of-service"}], "credits": [{"lang": "en", "value": "LiquidWorm as Gjoko Krstic of Zero Science Lab", "type": "finder"}], "x_generator": {"engine": "vulncheck"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-02T19:47:13.915633Z", "id": "CVE-2022-50799", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-02T19:47:21.277Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-50799", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-02T19:47:13.915633Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-02T19:47:18.197Z"}}], "cna": {"title": "Fetch Softworks Fetch FTP Client 5.8.2 Remote CPU Consumption Denial of Service", "credits": [{"lang": "en", "type": "finder", "value": "LiquidWorm as Gjoko Krstic of Zero Science Lab"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7.1, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Fetch Softworks", "product": "Fetch Softworks Fetch FTP Client", "versions": [{"status": "affected", "version": "5.8"}]}], "datePublic": "2022-01-27T00:00:00.000Z", "references": [{"url": "https://www.exploit-db.com/exploits/50696", "name": "ExploitDB-50696", "tags": ["exploit"]}, {"url": "https://www.fetchsoftworks.com", "name": "Fetch Softworks Product Homepage", "tags": ["product"]}, {"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5696.php", "name": "Zero Science Lab Disclosure (ZSL-2022-5696)", "tags": ["third-party-advisory"]}, {"url": "https://www.vulncheck.com/advisories/fetch-softworks-fetch-ftp-client-remote-cpu-consumption-denial-of-service", "name": "VulnCheck Advisory: Fetch Softworks Fetch FTP Client 5.8.2 Remote CPU Consumption Denial of Service", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "Fetch FTP Client 5.8.2 contains a denial of service vulnerability that allows attackers to trigger 100% CPU consumption by sending long server responses. Attackers can send specially crafted FTP server responses exceeding 2K bytes to cause excessive resource utilization and potentially crash the application."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-770", "description": "Allocation of Resources Without Limits or Throttling"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2025-12-30T22:41:40.340Z"}}}, "cveMetadata": {"cveId": "CVE-2022-50799", "state": "PUBLISHED", "dateUpdated": "2026-01-02T19:47:21.277Z", "dateReserved": "2025-12-27T13:53:29.754Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2025-12-30T22:41:40.340Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Fetch FTP Client 5.8.2 contains a denial of service vulnerability that allows attackers to trigger 100% CPU consumption by sending long server responses. Attackers can send specially crafted FTP server responses exceeding 2K bytes to cause excessive resource utilization and potentially crash the application."}, {"lang": "es", "value": "Fetch FTP Cliente 5.8.2 contiene una vulnerabilidad de denegaci\u00f3n de servicio que permite a los atacantes provocar un consumo del 100% de la CPU mediante el env\u00edo de respuestas largas del servidor. Los atacantes pueden enviar respuestas de servidor FTP especialmente dise\u00f1adas que superen los 2K bytes para causar una utilizaci\u00f3n excesiva de recursos y potencialmente bloquear la aplicaci\u00f3n."}], "id": "CVE-2022-50799", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2025-12-30T23:15:47.087", "references": [{"source": "disclosure@vulncheck.com", "url": "https://www.exploit-db.com/exploits/50696"}, {"source": "disclosure@vulncheck.com", "url": "https://www.fetchsoftworks.com"}, {"source": "disclosure@vulncheck.com", "url": "https://www.vulncheck.com/advisories/fetch-softworks-fetch-ftp-client-remote-cpu-consumption-denial-of-service"}, {"source": "disclosure@vulncheck.com", "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5696.php"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-770"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"created": "2026-01-05T12:25:20.396295+00:00", "updated": "2026-01-05T12:25:20.396359+00:00", "vendors": ["fetch_softworks", "fetch_softworks$PRODUCT$fetch_ftp_client"]}