The host is installed with Python 3.6.x before 3.6.14, 3.7.x before 3.7.11, 3.8.x before 3.8.9 or 3.9.x before 3.9.3 and is prone to an unchecked return value vulnerability. A flaw is present in FTP (File Transfer Protocol) client library in PASV (passive) mode, which fails to properly handle unknown vectors. Successful exploitation could allow attackers to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port.