CVE-2019-25614

Critical CVSS: 9.3

Free Float FTP 1.0 contains a buffer overflow vulnerability in the STOR command handler that allows remote attackers to execute arbitrary code by sending a crafted STOR request with an oversized payload. Attackers can authenticate with anonymous credentials and send a malicious STOR command containing 247 bytes of padding followed by a return address and shellcode to trigger code execution on the FTP server.

Vendor

Freefloat

Product

Freefloat Ftp Server

CWE

CWE-787

Yayın Tarihi

2026-03-22 14:16:29

Güncelleme

2026-03-23 19:42:13

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-787 Freefloat Ftp Server CRITICAL Freefloat 2026

Referanslar

http://www.freefloat.com/software/freefloatftpserver.zip https://www.exploit-db.com/exploits/46763 https://www.vulncheck.com/advisories/free-float-ftp-stor-command-remote-buffer-overflow

Benzer Kayıtlar

Critical

CVE-2012-10030

FreeFloat FTP Server contains multiple critical design flaws that allow unauthenticated remote attackers to upload arbit…

Medium

CVE-2012-10023

A stack-based buffer overflow vulnerability exists in FreeFloat FTP Server version 1.0.0. The server fails to properly v…

Medium

CVE-2025-5666

A vulnerability was found in FreeFloat FTP Server 1.0. It has been declared as critical. Affected by this vulnerability…

Medium

CVE-2025-5667

A vulnerability was found in FreeFloat FTP Server 1.0. It has been rated as critical. Affected by this issue is some unk…

Medium

CVE-2025-5664

A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. This issue affects some unknown proces…

Medium

CVE-2025-5665

A vulnerability was found in FreeFloat FTP Server 1.0. It has been classified as critical. Affected is an unknown functi…