CVE-2018-25226
Received Received - Intake
Buffer Overflow in FTPShell Server 6.83 Causes DoS

Publication date: 2026-03-30

Last updated on: 2026-03-31

Assigner: VulnCheck

Description
FTPShell Server 6.83 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the account name field. Attackers can trigger a denial of service by pasting a 417-byte payload into the 'Account name to ban' parameter within the Manage FTP Accounts interface.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-30
Last Modified
2026-03-31
Generated
2026-05-27
AI Q&A
2026-03-30
EPSS Evaluated
2026-05-25
NVD
CVE-2018-25226
EUVD
EUVD-2018-21710
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
ftpshell ftpshell_server 6.83
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2018-25226 is a buffer overflow vulnerability in FTPShell Server version 6.83 and earlier. It occurs when a local attacker supplies an excessively long stringβ€”specifically a 417-byte payloadβ€”in the 'Account name to ban' field within the Manage FTP Accounts interface. This input causes the application to crash due to improper handling of the account name string.


How can this vulnerability impact me? :

This vulnerability can be exploited by local attackers to cause a denial of service (DoS) by crashing the FTPShell Server application. By inputting a specially crafted 417-byte string into the 'Account name to ban' field, the server crashes, disrupting service availability.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by attempting to reproduce the crash condition on the FTPShell Server 6.83 application by supplying a specially crafted input in the 'Account name to ban' field within the Manage FTP Accounts interface.

A practical detection method involves using a payload consisting of 417 'A' characters to trigger the buffer overflow and cause the application to crash, indicating the presence of the vulnerability.

  • Run the provided Python script (FTPShell_Server_6.83.py) to generate a file named ftpshell.txt containing the 417-byte payload.
  • Copy the contents of ftpshell.txt to the clipboard.
  • Open the FTPShell Server application.
  • Navigate to 'Manage FTP Accounts', select 'Add Account Name', and paste the payload into the 'Account name to ban' field.
  • Click 'Ok' and observe if the application crashes, confirming the vulnerability.

How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

The provided information does not include any details on how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.


What immediate steps should I take to mitigate this vulnerability?

To mitigate the vulnerability in FTPShell Server 6.83, avoid supplying excessively long strings (specifically 417-byte payloads) in the 'Account name to ban' field within the Manage FTP Accounts interface.

Restrict local access to the FTPShell Server application to trusted users only, as the attack requires local access.

Monitor and control inputs in the Manage FTP Accounts interface to prevent buffer overflow attempts.

If possible, update or patch the software to a version that addresses this buffer overflow vulnerability.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart