MEDIUM Severity

CVE-2025-5052

Buffer overflow vulnerability in FreeFloat FTP Server 1.0 LS Command Handler.

Overview

A critical vulnerability has been identified in FreeFloat FTP Server 1.0, affecting an unknown function of the LS Command Handler component. The issue is a buffer overflow that could be exploited remotely.

Technical Details

The vulnerability is a buffer overflow condition in the LS Command Handler of FreeFloat FTP Server 1.0. The overflow could lead to memory corruption and arbitrary code execution, granting the attacker unauthorized access and control.

CVSS Metrics

  • Base Score: 7.3
  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • User Interaction: NONE
  • Confidentiality Impact: LOW
  • Integrity Impact: LOW
  • Availability Impact: LOW

Impact

This vulnerability could allow an attacker to execute arbitrary code remotely, resulting in a potential data breach and system disruption.

Recommendations

Update the FreeFloat FTP server to the latest version and apply all the latest security patches. It's advised to isolate the server from the main network to minimize unauthorized access.
