CVE-2025-5295
Critical vulnerability in FreeFloat FTP Server 1.0.0
Overview
This critical vulnerability affects FreeFloat FTP Server 1.0.0. It is associated with the PORT Command Handler component and can potentially lead to a buffer overflow. The attack can be initiated remotely and has already been disclosed publicly.
Technical Details
The issue lies in an unspecified code block of the PORT Command Handler component. The exploit involves manipulation that triggers a buffer overflow, and the attack can be launched with no attack requirements.
CVSS Metrics
- attackVector: NETWORK
- attackComplexity: LOW
- attackRequirements: NONE
- privilegesRequired: NONE
- userInteraction: NONE
- confidentialityImpact: LOW
- integrityImpact: LOW
- availabilityImpact: LOW
- exploitMaturity: NOT_DEFINED
Impact
The vulnerability has an impact on the confidentiality, integrity, and availability of the system and can be exploited by a remote attacker.
Recommendations
Mitigating this vulnerability would require vendor-specific patches or updates. Regular software updates and continuous monitoring of network activities can reduce the likelihood of vulnerabilities being exploited.
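One way to act on the monitoring recommendation, as an added example that is not part of the original advisory: a check over FTP control-channel lines that flags any PORT command whose argument deviates from the RFC 959 form `h1,h2,h3,h4,p1,p2`. The advisory does not say which input triggers the overflow, so treating malformed or oversized PORT arguments as the signal is an assumption, and the function names and sample lines are constructed for illustration.

```python
import re

# RFC 959: PORT h1,h2,h3,h4,p1,p2 -- six decimal fields, each 0-255.
PORT_ARG = re.compile(r"\d{1,3}(?:,\d{1,3}){5}")
MAX_ARG_LEN = 23  # len("255,255,255,255,255,255")


def check_port_line(line: bytes):
    """Return None for a well-formed PORT command (or any other command),
    otherwise a short reason string describing the anomaly."""
    verb, _, arg = line.rstrip(b"\r\n").partition(b" ")
    if verb.upper() != b"PORT":
        return None
    if len(arg) > MAX_ARG_LEN:
        return f"argument length {len(arg)} exceeds {MAX_ARG_LEN}"
    try:
        text = arg.decode("ascii")
    except UnicodeDecodeError:
        return "non-ASCII bytes in argument"
    if not PORT_ARG.fullmatch(text):
        return "argument is not six comma-separated decimal fields"
    if any(int(f) > 255 for f in text.split(",")):
        return "field value above 255"
    return None


def scan(lines):
    """Yield (line_number, reason) for each anomalous PORT command."""
    for n, line in enumerate(lines, 1):
        reason = check_port_line(line)
        if reason:
            yield n, reason


# Constructed sample of FTP control-channel lines (not captured traffic).
SAMPLE = [
    b"USER anonymous\r\n",
    b"PORT 192,168,1,10,19,137\r\n",
    b"PORT " + b"1" * 600 + b"\r\n",
    b"PORT 192,168,1,10,19\r\n",
    b"PORT 192,168,1,300,19,137\r\n",
    b"port 10,0,0,5,4,1\r\n",
]

if __name__ == "__main__":
    for n, reason in scan(SAMPLE):
        print(f"line {n}: anomalous PORT: {reason}")
```

The same check can run in a proxy or log pipeline in front of the server; it only inspects the control channel and does not replace a vendor fix.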
Threat Metrics
- "cvss_score": 7.5
- "severity": "MEDIUM"
- "attack_vector": "NETWORK"
- "attack_complexity": "LOW"