CVE-2025-5665
BaseFortify
Publication date: 2025-06-05
Last updated on: 2025-06-24
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| freefloat | freefloat_ftp_server | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-5665 is a critical buffer overflow vulnerability in FreeFloat FTP Server version 1.0, specifically in the XCWD Command Handler. The vulnerability occurs because the server copies input data to an output buffer without checking if the input size exceeds the buffer size, leading to a buffer overflow (CWE-120). This flaw can be exploited remotely without authentication by sending a specially crafted XCWD command, allowing attackers to execute arbitrary code on the server. [1]
How can this vulnerability impact me? :
This vulnerability can severely impact system confidentiality, integrity, and availability. An attacker can remotely exploit the buffer overflow to execute arbitrary code with the privileges of the FTP server process, potentially gaining full control over the affected system. This can lead to system crashes, unauthorized access, data theft, or disruption of services. The exploit is easy to perform, publicly available, and no known mitigations exist, making affected systems highly vulnerable. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to trigger the buffer overflow condition via the 'XCWD' FTP command with an excessively long input. Using tools like Metasploit Framework, you can generate a cyclic pattern to send as payload and observe if the FTP server crashes or behaves abnormally. Commands include generating a pattern with `msf-pattern_create -l 1000` and sending it to the server's XCWD command. After a crash, you can analyze the overwritten EIP value with `msf-pattern_offset -q <EIP_value>`. Additionally, monitoring for unusual FTP server crashes or unexpected behavior when receiving long XCWD commands can indicate exploitation attempts. Network detection can also involve monitoring FTP traffic for unusually long XCWD commands or unexpected payloads. [2, 3]
What immediate steps should I take to mitigate this vulnerability?
There are no known countermeasures or mitigations for this vulnerability. The recommended immediate step is to replace the affected FreeFloat FTP Server 1.0 with an alternative, secure FTP server solution. Additionally, restricting network access to the FTP server, applying network-level controls such as firewall rules to limit exposure, and monitoring for exploitation attempts are advisable until a secure replacement is implemented. [1]