CVE-2022-50799 HIGH

CVE-2022-50799: Fetch Softworks Fetch FTP Client 5.8.2 Remote CPU Consumption Denial of Service

Vendor Fetch Softworks
Product Fetch Softworks Fetch FTP Client
Weakness CWE-770 · Uncontrolled resource consumption
Published December 30, 2025
Last update January 2, 2026

CVSS base score

7.1/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Fetch FTP Client 5.8.2 contains a denial of service vulnerability that allows attackers to trigger 100% CPU consumption by sending long server responses. Attackers can send specially crafted FTP server responses exceeding 2K bytes to cause excessive resource utilization and potentially crash the application.

Key dates

02Disclosure timeline

December 30, 2025 CVE published
January 2, 2026 Record updated