MEDIUM Severity
CVE-2025-5053
Critical vulnerability in FreeFloat FTP Server 1.0 leading to buffer overflow
Overview
A critical buffer overflow vulnerability has been discovered in FreeFloat FTP Server 1.0. An unknown function in the MDIR Command Handler is affected. The flaw can be exploited remotely.
Technical Details
The vulnerability lies in an unspecified function of the MDIR Command Handler component. It is a buffer overflow that can be exploited remotely, and a detailed exploit is publicly available.
CVSS Metrics
- cvss_score: 7.3
- severity: MEDIUM
- attack_vector: NETWORK
- attack_complexity: LOW
- attack_requirements: NONE
- privileges_required: NONE
- user_interaction: NONE
- scope: UNCHANGED
- confidentiality_impact: LOW
- integrity_impact: LOW
- availability_impact: LOW
Impact
Exploitation might compromise the confidentiality, integrity, and availability of the server.
Recommendations
Users are advised to update FreeFloat FTP Server to the latest version or apply patches, if available. Monitoring of network traffic should also be increased.
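One way to act on the monitoring recommendation, as an added example that is not part of the advisory or of any vendor tooling: scan FTP control-channel lines for MDIR commands whose argument is unusually long or contains bytes outside printable ASCII. The 255-byte threshold, the function names and the sample session are assumptions constructed for illustration; the advisory does not state an overflow length.

```python
# Added example: heuristic review of FTP control-channel traffic for MDIR abuse.
# Assumption: 255 bytes is an illustrative ceiling for a directory argument;
# tune it to what legitimate clients in your environment actually send.
MAX_ARG_LEN = 255
WATCHED_COMMANDS = {"MDIR"}  # the command handler named in the advisory


def inspect_control_line(raw: bytes):
    """Return a finding dict for a suspicious control-channel line, else None."""
    line = raw.rstrip(b"\r\n")
    verb, _, arg = line.partition(b" ")
    cmd = verb.decode("ascii", "replace").upper()  # FTP verbs are case-insensitive
    if cmd not in WATCHED_COMMANDS:
        return None
    reasons = []
    if len(arg) > MAX_ARG_LEN:
        reasons.append(f"argument length {len(arg)} exceeds {MAX_ARG_LEN}")
    # Heuristic: UTF-8 path names will also trip this check; relax if needed.
    if any(b < 0x20 or b > 0x7E for b in arg):
        reasons.append("bytes outside printable ASCII in argument")
    if not reasons:
        return None
    return {"command": cmd, "arg_len": len(arg), "reasons": reasons}


def scan_session(lines):
    """Inspect every line of one captured session; return findings with line numbers."""
    findings = []
    for number, raw in enumerate(lines, start=1):
        finding = inspect_control_line(raw)
        if finding:
            finding["line"] = number
            findings.append(finding)
    return findings


# Constructed sample session (not real traffic).
SAMPLE_SESSION = [
    b"USER anonymous\r\n",
    b"PASS guest@example.invalid\r\n",
    b"MDIR reports\r\n",               # ordinary use, not flagged
    b"MDIR " + b"A" * 1024 + b"\r\n",  # oversized argument
    b"mdir dir\x00\x01name\r\n",       # control bytes in argument
    b"QUIT\r\n",
]

if __name__ == "__main__":
    for f in scan_session(SAMPLE_SESSION):
        print(f"line {f['line']}: {f['command']} - {'; '.join(f['reasons'])}")
```

The same checks can be applied to reassembled TCP streams on port 21 or to server command logs, provided each command line is passed in as raw bytes.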