{"vulnerability": "cve-2015-3306", "sightings": [{"uuid": "37fb47d9-a255-4175-9c48-0b540d5655b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-3306", "type": "exploited", "source": "https://www.exploit-db.com/exploits/49908", "content": "", "creation_timestamp": "2021-05-26T00:00:00.000000Z"}, {"uuid": "59b5ad43-cf0e-4a87-ad13-38c533f356c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-3306", "type": "seen", "source": "https://gist.github.com/kn1l/6c5e129353bfb9c8637009fe0410d762", "content": "", "creation_timestamp": "2025-05-26T08:46:21.000000Z"}, {"uuid": "418f0af4-0a48-4f33-aebe-f7ec0658b98d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-3306", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:42.000000Z"}, {"uuid": "7a104e87-a789-4308-bd80-1444141785ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-3306", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:09:39.000000Z"}, {"uuid": "ea74a2cb-829b-487e-a7fd-25b6e858df85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-3306", "type": "seen", "source": "https://gist.github.com/kn1l/eebac17da6f13c3cc71e7e240d7f8368", "content": "", "creation_timestamp": "2025-05-26T09:19:46.000000Z"}, {"uuid": "ff50ee29-629a-4b93-865b-5c3555f8a1ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "db99543d-496c-4eef-ad0a-2df2093364df", "vulnerability": "CVE-2015-3306", "type": "confirmed", "source": "https://www.exploit-db.com/exploits/37262", "content": "", "creation_timestamp": "2015-06-10T00:00:00.000000Z"}, {"uuid": "90513fe3-2a60-4a05-b1dc-a42588e4a9c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-3306", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/ftp/proftpd_modcopy_exec.rb", "content": "", "creation_timestamp": "2018-05-29T15:50:33.000000Z"}, {"uuid": "036e3a1a-5701-4016-b8a4-5530c0d0b278", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "db99543d-496c-4eef-ad0a-2df2093364df", "vulnerability": "CVE-2015-3306", "type": "confirmed", "source": "https://www.exploit-db.com/exploits/36742", "content": "", "creation_timestamp": "2015-04-13T00:00:00.000000Z"}, {"uuid": "95e92d87-45a7-4b7f-b225-e1bce5a65ae5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-3306", "type": "seen", "source": "https://t.me/sysodmins/5616", "content": "\u200b\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 ProFTPD \u0441\u0442\u0430\u0432\u0438\u0442 \u043f\u043e\u0434 \u0443\u0433\u0440\u043e\u0437\u0443 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a \u0431\u043e\u043b\u0435\u0435 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0430\u043c \u043f\u043e\u0438\u0441\u043a\u0430 Shodan, \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u0432 \u0441\u0435\u0442\u0438 \u043d\u0430\u0441\u0447\u0438\u0442\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0431\u043e\u043b\u0435\u0435 1 \u043c\u043b\u043d \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 ProFTPd. https://www.shodan.io/search?query=ProFTPD\n\n\u0412 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439. \u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u0431\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0443\u0442\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u043c\u043e\u0433\u0443\u0442 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043c\u043e\u0434\u0443\u043b\u044c \"mod_copy\" \u0432 \u0444\u0430\u0439\u043b\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 ProFTPd, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c \u0441\u0435\u0431\u044f \u043e\u0442 \u043b\u044e\u0431\u044b\u0445 \u0430\u0442\u0430\u043a, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u044d\u0442\u0438\u043c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u043c.\n\n\u0412 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 ProFTPD \u0434\u043b\u044f Linux \u0438 UNIX-\u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043e\u043f\u0430\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0431\u0435\u0437 \u043f\u0440\u0430\u0432\u0430 \u043d\u0430 \u0437\u0430\u043f\u0438\u0441\u044c \u0441\u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043b\u044e\u0431\u043e\u0439 \u0444\u0430\u0439\u043b \u043d\u0430 FTP-\u0441\u0435\u0440\u0432\u0435\u0440\u0435.\n\nProFTPd \u2014 \u043a\u0440\u043e\u0441\u0441\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435\u043d\u043d\u044b\u0439 FTP-\u0441\u0435\u0440\u0432\u0435\u0440 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u044e\u0449\u0438\u0439 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e UNIX-\u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u0438 Windows. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 ProFTPd \u0432\u043f\u043b\u043e\u0442\u044c \u0434\u043e 1.3.6.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2019-12815 https://www.cert-bund.de/advisoryshort/CB-K19-0642) \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u043c\u043e\u0434\u0443\u043b\u0435 \"mod_copy\", \u043f\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u043c\u0441\u044f \u0432 \u0434\u0435\u0444\u043e\u043b\u0442\u043d\u043e\u0439 \u0441\u0431\u043e\u0440\u043a\u0435 ProFTPd \u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u043e\u043c \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0432 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u043e\u0432 (\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, Debian). \u041f\u0435\u0440\u0435\u0434\u0430\u0447\u0430 \u043a\u043e\u043c\u0430\u043d\u0434 CPFR, CPTO \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440 ProFTPd \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0431\u0435\u0437 \u043f\u0440\u0430\u0432\u0430 \u043d\u0430 \u0437\u0430\u043f\u0438\u0441\u044c \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043b\u044e\u0431\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u043d\u0430 FTP-\u0441\u0435\u0440\u0432\u0435\u0440\u0435. \u0411\u0430\u0433 \u0441\u0432\u044f\u0437\u0430\u043d \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e 2015 \u0433\u043e\u0434\u0430 (CVE-2015-3306), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0447\u0438\u0442\u0430\u0442\u044c \u0438 \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043a\u043e\u043c\u0430\u043d\u0434\u044b SITE CPFR \u0438 SITE CPTO.", "creation_timestamp": "2019-07-23T16:25:00.000000Z"}, {"uuid": "d0900be8-c385-455d-b472-e2e8f0edf09f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-3306", "type": "published-proof-of-concept", "source": "Telegram/Qlu2TxpQ7PzRE5b0iJTHRMQcK91tVZ4jRE6zApsmv8LxsDQ", "content": "", "creation_timestamp": "2025-11-03T03:00:05.000000Z"}, {"uuid": "e77927e2-e1f2-4e38-8bf2-d60900b47f65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-3306", "type": "seen", "source": "https://t.me/tech_b0lt_Genona/786", "content": "\u0422\u0443\u0442 \u0432 ProFTPD \u043d\u0430\u0448\u043b\u0438 \u0434\u044b\u0440\u0435\u043d\u044c\nAn arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-12815\n\n\u0410 \u0438\u0445 \u043c\u0438\u043b\u043b\u0438\u043e\u043d \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0442\u043e\u0440\u0447\u0438\u0442 \u0433\u043e\u043b\u044b\u043c\u0438 \u043f\u043e\u0440\u0442\u0430\u043c\u0438\nhttps://www.shodan.io/search?query=ProFTPD", "creation_timestamp": "2019-07-23T21:48:20.000000Z"}, {"uuid": "c65332d6-d0b2-4b89-b134-ac30cc92365b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-3306", "type": "published-proof-of-concept", "source": "Telegram/zYP_FO4NY3tiE27NccUP27gU7zoU9jKYqvktU03MPlH4oA", "content": "", "creation_timestamp": "2025-01-12T02:21:28.000000Z"}, {"uuid": "59260f5e-ad0a-476b-b6b2-63b70f318e3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-3306", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/59991", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2015-3306 - ProFTPD - RCE Home Lab setup (Docker) easy to use for Red Teaming or Penetration Testing\nURL\uff1ahttps://github.com/netw0rk7/CVE-2015-3306-Home-Lab\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-11-17T12:21:23.000000Z"}, {"uuid": "a5e377cd-9d70-4498-800a-afe33aed12e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-3306", "type": "published-proof-of-concept", "source": "https://t.me/lostsec/193", "content": "SHODAN DORK: \nwebcamXP/webcam7:\n(\"webcam 7\" OR \"webcamXP\") http.component:\"mootools\" -401\n\nSome Webcams(SQ Webcams?):\nServer: SQ-WEBCAM\n\nYawcam Webcams:\n\"Server: yawcam\" \"Mime-Type: text/html\"\n\nSurveillance Cams:\nServer: uc-httpd 1.0.0\nNETSurveillance uc-httpd\nSurveillance cams with admin:admin or admin:(none) creds\n\nHikvision Cameras:\nproduct:\"Hikvision IP Camera\"\nLink for Hikvision backdoor here: https://ipvm.com/reports/hik-exploit\n\nGeneric dork for finding cameras:\ntitle:camera\n\nGeneric dork for finding cameras (with screenshots):\nwebcam has_screenshot:true\n\nDahua Cameras:\nhttp.title:\"WEB VIEW\"\n\nSome random webcams:\nhttp.title:\"Webcam\"\n\nVulnerable Services / Servers\n\nEternalBlue SMB RCE:\nos:\"Windows 10 Home 19041\n\nProFTPD 1.3.5 (mod_copy exec; CVE-2015-3306) :\n\"220 ProFTPD 1.3.5\"\n\nAnonymous FTP Login #1:\n\"230 User anonymous\"\n\nAnonymous FTP Login #2:\n\"220\" \"230 Login successful.\" port:21\n\nAlready Logged-In as root via Telnet:\n\"root@\" port:23 -login -password -name -Session\n\nNo password for Telnet Access:\nport:23 console gateway\n\nOther Services that you can find\n\nOpenSSH:\nopenssh port:22\n\nLogitech Media Servers:\n\"Server: Logitech Media Server\" \"200 OK\"\n\nJenkins Unrestricted Dashboard:\nx-jenkins 200\n\nMySQL:\n\"product:MySQL\"\n\nMongoDB #1:\nmongodb port:27017\n\nMongoDB #2:\nproduct:\"MongoDB\"\n\nInteresting Things that you can find on Shodan\n\nRDP/VNC's WITHOUT AUTH:\n\"authentication disabled\" \"RFB 003.008\"\nremote desktop \"port:3389\"\n\nXZERES Wind Turbines:\ntitle:\"xzeres wind\"\n\ntitle:\"IP CAMERA Viewer\" Content-Length: 703\n\nMikroTik Routers:\nport:8291 os:\"MikroTik RouterOS 6.45.9\"\n\nMinecraft Servers:\n\"Minecraft Server\" \"protocol 340\" port:25565\n\nSmart TVs:\n\"Chromecast:\" port:8008\n\nMaritime Satellites:\n\"Cobham SATCOM\" OR (\"Sailor\" \"VSAT\")\nReal-time location of ships via satelite\n\nTesla PowerPack Charging Status Page:\nhttp.title:\"Tesla PowerPack System\" http.component:\"d3\"\n\nSamsung Electronic Billboards:\n\"Server: Prismview Player\"", "creation_timestamp": "2024-03-20T08:50:27.000000Z"}, {"uuid": "0a87b34d-39b8-4ca5-8c56-8cf811d1c41f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-3306", "type": "seen", "source": "Telegram/fRsWGrysxNfnfVrAINUlDHsnyDzZ8XlI0RAgeuDQlNSE2Jg", "content": "", "creation_timestamp": "2024-05-07T23:15:42.000000Z"}, {"uuid": "817f678b-6194-4d05-8a0e-b4b0acd6f6ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-3306", "type": "seen", "source": "Telegram/r1PvUwOziPm76oA72goN3XQl1cawuNYc_Wi3095TUu4q47A", "content": "", "creation_timestamp": "2024-05-07T23:12:19.000000Z"}, {"uuid": "fd0829f8-dc4e-406f-8be7-41fc244e28af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-3306", "type": "seen", "source": "Telegram/W-f6wZWCO4dnAdFELDjHo4l86fuhQo-YNqn13QAyKW1bA54", "content": "", "creation_timestamp": "2024-05-07T20:43:15.000000Z"}]}