CVE-2020-15690

9.8 CRITICAL

📋 TL;DR

CVE-2020-15690 is a CRLF injection vulnerability in asyncftpclient, the asynchronous FTP client module of Nim's standard library. Before Nim 1.2.6 the module did not check whether the strings it sends on the control connection (file names, directory names and other command arguments) contain carriage-return or line-feed characters. An FTP server treats CRLF as the end of a command, so an attacker who can influence such a string (for example a file name an application downloads on a user's behalf) can terminate the intended command early and append commands of their own. The server executes them in the session the client has already authenticated, with whatever rights that FTP account has.

💻 Affected Systems

Products:
  • asyncftpclient module of the Nim standard library
Versions: Nim before 1.2.6 (the CVE record names 1.2.4; the fix shipped in 1.2.6)
Operating Systems: All platforms; the module is compiled into each application that imports it
Default Config Vulnerable: ⚠️ Yes (there is no setting that disables the affected code path)
Notes: Only applications that use asyncftpclient, directly or through a dependency, are affected. The risk is highest where command arguments come from untrusted input.

📦 What is this software?

Nim is a statically typed, compiled programming language. asyncftpclient is the module in its standard library that implements an asynchronous FTP client (connect and log in, list and change directories, upload and download files) on top of Nim's async networking. Application code that hands user-supplied strings to this module as file or directory names is the exposure point for this CVE.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Arbitrary FTP commands executed on the server with the privileges of the account the client logged in as: deletion or overwrite of files (DELE, STOR, RNFR/RNTO), upload of attacker-chosen content, and download of anything that account can read. The injection is limited to FTP commands; it does not by itself give OS-level command execution on the server.

🟠

Likely Case

Unauthorized file operations (listing, reading, deleting or renaming files) and information disclosure, bounded by the permissions of the FTP account the application uses.

🟢

If Mitigated

Limited impact when untrusted strings never reach asyncftpclient unchecked, the application's FTP account has the minimum rights it needs, and FTP traffic is confined to a segmented network.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation does not require reaching the client over the network. It requires that the application pass an attacker-influenced string (a file name, path, user name or similar) to asyncftpclient, and that the attacker know or guess an FTP command worth injecting. No FTP credentials are needed, because the injected commands ride on the session the client has already authenticated; the effect is bounded by what that account may do on the server.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Nim 1.2.6 and later

Vendor Advisory: https://github.com/nim-lang/Nim/security/advisories

Restart Required: Yes (rebuild and redeploy; the module is compiled into each application binary, so upgrading the toolchain alone fixes nothing already deployed)

Instructions:

1. Update the Nim toolchain to 1.2.6 or later on every build host.
2. Recompile every application that imports asyncftpclient, directly or through a dependency.
3. Redeploy and restart the patched binaries.

🔧 Temporary Workarounds

Input validation wrapper

Platform: all

Before any string reaches an asyncftpclient call (file names, directory names, rename targets, user names), reject it if it contains "\r" or "\n". Do the check at the application boundary, where the value is still recognisable as untrusted input, rather than deep inside the FTP code. Reject rather than silently strip: a rejected value can be logged as an attack indicator, whereas stripping leaves an attacker-shaped argument in place. Checking for a bare "\n" as well as "\r\n" matters because many servers accept LF alone as a line terminator.
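To make the mechanism concrete, the following is an added example in Python (not code from the Nim project and not the asyncftpclient API) that models what the client does when it frames an FTP command: it concatenates the verb, the argument and CRLF and writes the result in one send. The server splits the incoming byte stream on line terminators, so an argument carrying CRLF becomes two commands. `build_command_checked` is the validation wrapper described above. The function names and the sample file name are the example's own.

```python
"""Added example: models FTP command framing to show the CRLF injection in
CVE-2020-15690 and the check that closes it. Function names are this
example's own, not the asyncftpclient API."""
from __future__ import annotations

CRLF = b"\r\n"


class FtpArgumentError(ValueError):
    """Raised when an argument would break FTP line framing."""


def build_command_unchecked(verb: str, arg: str) -> bytes:
    """What a client without the fix does: concatenate and terminate.
    Nothing stops `arg` from carrying its own line terminator."""
    return f"{verb} {arg}".encode("utf-8") + CRLF


def build_command_checked(verb: str, arg: str) -> bytes:
    """Hardened variant: refuse any argument containing CR or LF before it
    reaches the wire. A bare LF is rejected too, because many servers accept
    LF alone as a line terminator."""
    if "\r" in arg or "\n" in arg:
        raise FtpArgumentError(f"CR/LF not allowed in FTP argument: {arg!r}")
    return f"{verb} {arg}".encode("utf-8") + CRLF


def server_parse(stream: bytes) -> list[str]:
    """How an FTP server reads the control connection: one command per line,
    terminated by CRLF (lenient servers also accept a bare LF)."""
    text = stream.decode("utf-8", errors="replace")
    return [line for line in text.replace("\r\n", "\n").split("\n") if line]


def demo_injection() -> list[str]:
    """Attacker-controlled file name (constructed for this example) that
    smuggles a DELE after the RETR the application intended to send."""
    attacker_name = "report.pdf\r\nDELE backups/latest.tar"
    wire = build_command_unchecked("RETR", attacker_name)
    return server_parse(wire)


def demo_blocked() -> bool:
    """The same input against the checked builder is rejected outright."""
    try:
        build_command_checked("RETR", "report.pdf\r\nDELE backups/latest.tar")
    except FtpArgumentError:
        return True
    return False


if __name__ == "__main__":
    print(demo_injection())  # ['RETR report.pdf', 'DELE backups/latest.tar']
    print(demo_blocked())    # True
```

The point of `server_parse` is that the server never sees a "parameter containing a newline": by the time the command is logged, the CRLF has already done its job as a terminator and the injected DELE looks like an ordinary second command.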

🧯 If You Can't Patch

  • Do not pass untrusted strings to asyncftpclient at all: map user input to server-side identifiers or a fixed allowlist of file names
  • Give the application's FTP account the minimum rights it needs (read-only where the application only downloads), so injected commands have nothing to delete or overwrite
  • Implement network segmentation to isolate FTP traffic
  • Use an alternative FTP client library that validates command arguments

🔍 How to Verify

Check if Vulnerable:

An application is affected if its source imports asyncftpclient (directly or through a dependency) and the binary was built with a Nim toolchain older than 1.2.6. The module is compiled into the binary, so the version that matters is the one used at build time, not what a developer machine reports today. Search the source tree and dependencies for "import asyncftpclient" and check the toolchain on the build host:

Check Version:

nim --version

Verify Fix Applied:

Confirm the build toolchain reports 1.2.6 or later, then confirm every binary that imports the module was rebuilt and redeployed after the upgrade.

📡 Detection & Monitoring

Log Indicators:

  • Commands from the application's FTP account outside the set the application is written to issue (for a download-only client: DELE, STOR, RNFR/RNTO, MKD, RMD, SITE)
  • A second command from the same session logged in the same instant as a RETR, STOR or CWD, with no corresponding application action
  • Note: the injected CRLF itself never appears in server logs; the server consumed it as the command terminator, so the injected command is logged as an ordinary, separately received command

Network Indicators:

  • More than one command line inside a single client-to-server segment on the control channel: the vulnerable client writes the whole injected string in one send, where it normally writes one command per send (some clients pipeline legitimately, so baseline first)
  • Control-channel commands from the application's host that the application has no code path for

SIEM Query:

source="ftp_logs" AND user="<application_service_account>" AND NOT command IN ("USER","PASS","TYPE","PASV","EPSV","LIST","RETR","QUIT")

Replace the placeholder account and the allowlist with the account and command set your application actually uses. Searching log messages for "\n" or "\r" finds nothing, because the server has already consumed the terminator; the signal is a command the application never issues.
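As an added example (not part of the original page), here is the allowlist idea behind the query above run in Python over a few constructed FTP command-log lines in a vsftpd-style format (the line layout is an assumption of the example). The monitored application is assumed to be a download-only client that should never issue anything beyond the commands in `EXPECTED`; the service account, client address and log lines are made up for the example.

```python
"""Added example: flags FTP commands that a download-only client application
should never issue, which is how an injected command shows up in server logs
(the CRLF itself never appears; the server consumed it as a terminator).
Log lines, account name and addresses are constructed for this example."""
from __future__ import annotations

import re

# Commands a download-only client workflow legitimately needs. Adjust for
# the application being monitored (assumption of this example).
EXPECTED = {"USER", "PASS", "TYPE", "PASV", "EPSV", "PWD", "CWD", "LIST",
            "NLST", "SIZE", "RETR", "QUIT"}

# vsftpd-style "FTP command" line; the exact format is assumed here.
LINE_RE = re.compile(
    r'^(?P<ts>.+?) \[pid (?P<pid>\d+)\] \[(?P<user>[^\]]+)\] FTP command: '
    r'Client "(?P<client>[^"]+)", "(?P<cmd>[A-Za-z]{3,4})(?: (?P<arg>.*))?"$'
)

# Constructed sample: a normal download session (pid 2001), then a session
# (pid 2042) in which the requested file name carried "\r\nDELE ..." and the
# server executed the extra command as if the client had sent it.
SAMPLE_LOG = """\
Tue Jul 14 10:00:01 2020 [pid 2001] [reportsvc] FTP command: Client "198.51.100.7", "USER reportsvc"
Tue Jul 14 10:00:01 2020 [pid 2001] [reportsvc] FTP command: Client "198.51.100.7", "PASS <password>"
Tue Jul 14 10:00:02 2020 [pid 2001] [reportsvc] FTP command: Client "198.51.100.7", "PASV"
Tue Jul 14 10:00:02 2020 [pid 2001] [reportsvc] FTP command: Client "198.51.100.7", "RETR monthly.pdf"
Tue Jul 14 10:00:03 2020 [pid 2001] [reportsvc] FTP command: Client "198.51.100.7", "QUIT"
Tue Jul 14 10:05:10 2020 [pid 2042] [reportsvc] FTP command: Client "198.51.100.7", "USER reportsvc"
Tue Jul 14 10:05:10 2020 [pid 2042] [reportsvc] FTP command: Client "198.51.100.7", "PASS <password>"
Tue Jul 14 10:05:11 2020 [pid 2042] [reportsvc] FTP command: Client "198.51.100.7", "PASV"
Tue Jul 14 10:05:11 2020 [pid 2042] [reportsvc] FTP command: Client "198.51.100.7", "RETR report.pdf"
Tue Jul 14 10:05:11 2020 [pid 2042] [reportsvc] FTP command: Client "198.51.100.7", "DELE backups/latest.tar"
Tue Jul 14 10:05:12 2020 [pid 2042] [reportsvc] FTP command: Client "198.51.100.7", "QUIT"
"""


def parse_log(text: str) -> list[dict[str, str]]:
    """Parse command lines into dicts; lines that do not match are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            event = m.groupdict()
            event["cmd"] = event["cmd"].upper()
            events.append(event)
    return events


def find_unexpected(events: list[dict[str, str]], account: str,
                    expected: set[str] = EXPECTED) -> list[dict[str, str]]:
    """Every command issued by `account` that is outside its allowlist.
    Each hit keeps its pid, so hits can be tied back to one session."""
    return [e for e in events if e["user"] == account and e["cmd"] not in expected]


if __name__ == "__main__":
    for hit in find_unexpected(parse_log(SAMPLE_LOG), "reportsvc"):
        print(f"{hit['ts']} session {hit['pid']} from {hit['client']}: "
              f"{hit['cmd']} {hit['arg'] or ''}")
```

Grouping by pid (one vsftpd process per session) is what lets an analyst see that the DELE arrived in the same second as the RETR in the same session, which is the pattern a CRLF injection leaves behind.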
