CVE-2018-25252
Buffer Overflow in FTP Voyager 16.2.0 Causes DoS Crash
Publication date: 2026-04-04
Last updated on: 2026-04-20
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| solarwinds | ftp_voyager | to 16.2.0 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not include any details on how the CVE-2018-25252 vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.
Can you explain this vulnerability to me?
CVE-2018-25252 is a denial of service vulnerability in FTP Voyager version 16.2.0 and earlier. It occurs because the application does not properly handle oversized input in the site profile IP field. Specifically, a local attacker can create a malicious site profile containing about 500 bytes of repeated characters and paste it into the IP field. This triggers a buffer overflow (an out-of-bounds write) that causes the FTP Voyager process to crash.
How can this vulnerability impact me? :
This vulnerability can cause a denial of service (DoS) condition by crashing the FTP Voyager application. An attacker with local access can exploit this by injecting a specially crafted input into the IP field of a site profile, causing the application to stop functioning. This disrupts normal file transfer operations and availability of the FTP Voyager service.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to reproduce the denial of service condition on FTP Voyager 16.2.0 by injecting an oversized buffer into the site profile IP field.
A proof-of-concept involves creating a payload of 500 repeated characters (e.g., 500 "A" characters) and pasting it into the IP field of a new site profile in FTP Voyager. If the application crashes, the vulnerability is present.
A sample Python script can be used to generate the payload file (boom.txt) containing 500 "A" characters:
- python -c "print('A'*500)" > boom.txt
Then, copy the contents of boom.txt and paste it into the IP field of a new site profile in FTP Voyager to test for the crash.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, avoid using FTP Voyager version 16.2.0 or earlier where this buffer overflow exists.
Since the vulnerability requires local access to inject the malicious input, restrict local access to FTP Voyager and ensure only trusted users can create or modify site profiles.
Consider upgrading to a newer version or alternative software that does not contain this vulnerability, such as using the Serv-U Web Client which replaces FTP Voyager JV and improves security.