VDB-311079 · CVE-2025-5593 · EUVD-2025-16896

FreeFloat FTP Server 1.0 HOST Command Touladenn war ar c'houlladoù

Ur gwallzarvoud renket evel kritikel zo bet kavet e FreeFloat FTP Server 1.0. Kement-se a denn da ur fonksion dianav eus ar parzh HOST Command Handler. Ar c'hemmadur a gas da Touladenn war ar c'houlladoù. Arverañ CWE evit embann ar gudenn a gas da CWE-120. Ar gwallgornad zo bet embannet 04/06/2025. An aliadenn a zo rannet evit pellgargañ war fitoxs.com. Ar breskder-se a vez gwerzhet dindan an anv CVE-2025-5593. Emañ ar galloud da lakaat an dagadenn da sevel a-bell. N'eus ket a ditouroù teknikel da gaout. Atav, ur mod da implijout an dra-se a zo. An diskoulm zo bet embannet d'ar boblañs ha gallout a ra bezañ implijet. Bremañ emañ priz an exploit might be approx. USD $0-$5k war an amzer-mañ. Disklêriet eo evel test-kas ouzhpenn. Posupl eo pellgargañ an exploit e fitoxs.com. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

4 Daskemmoù · 98 Poentoù roadennoù

Maez	Krouet 04/06/2025 10:20	Hizivadur 1/3 04/06/2025 19:37	Hizivadur 2/3 06/06/2025 09:38	Hizivadur 3/3 13/06/2025 10:43
software_vendor	FreeFloat	FreeFloat	FreeFloat	FreeFloat
software_name	FTP Server	FTP Server	FTP Server	FTP Server
software_version	1.0	1.0	1.0	1.0
software_component	HOST Command Handler	HOST Command Handler	HOST Command Handler	HOST Command Handler
vulnerability_cwe	CWE-120 (Touladenn war ar c'houlladoù)	CWE-120 (Touladenn war ar c'houlladoù)	CWE-120 (Touladenn war ar c'houlladoù)	CWE-120 (Touladenn war ar c'houlladoù)
vulnerability_risk	2	2	2	2
cvss3_vuldb_av	N	N	N	N
cvss3_vuldb_ac	L	L	L	L
cvss3_vuldb_pr	N	N	N	N
cvss3_vuldb_ui	N	N	N	N
cvss3_vuldb_s	U	U	U	U
cvss3_vuldb_c	L	L	L	L
cvss3_vuldb_i	L	L	L	L
cvss3_vuldb_a	L	L	L	L
cvss3_vuldb_e	P	P	P	P
cvss3_vuldb_rc	R	R	R	R
advisory_url	https://fitoxs.com/exploit/exploit-9e0f802ba8eab46db6ff5f0c634f96412286b66b33c50a420dd57c1329e3a20d1.txt	https://fitoxs.com/exploit/exploit-9e0f802ba8eab46db6ff5f0c634f96412286b66b33c50a420dd57c1329e3a20d1.txt	https://fitoxs.com/exploit/exploit-9e0f802ba8eab46db6ff5f0c634f96412286b66b33c50a420dd57c1329e3a20d1.txt	https://fitoxs.com/exploit/exploit-9e0f802ba8eab46db6ff5f0c634f96412286b66b33c50a420dd57c1329e3a20d1.txt
exploit_availability	1	1	1	1
exploit_publicity	1	1	1	1
exploit_url	https://fitoxs.com/exploit/exploit-9e0f802ba8eab46db6ff5f0c634f96412286b66b33c50a420dd57c1329e3a20d1.txt	https://fitoxs.com/exploit/exploit-9e0f802ba8eab46db6ff5f0c634f96412286b66b33c50a420dd57c1329e3a20d1.txt	https://fitoxs.com/exploit/exploit-9e0f802ba8eab46db6ff5f0c634f96412286b66b33c50a420dd57c1329e3a20d1.txt	https://fitoxs.com/exploit/exploit-9e0f802ba8eab46db6ff5f0c634f96412286b66b33c50a420dd57c1329e3a20d1.txt
source_cve	CVE-2025-5593	CVE-2025-5593	CVE-2025-5593	CVE-2025-5593
cna_responsible	VulDB	VulDB	VulDB	VulDB
software_type	File Transfer Software	File Transfer Software	File Transfer Software	File Transfer Software
cvss2_vuldb_av	N	N	N	N
cvss2_vuldb_ac	L	L	L	L
cvss2_vuldb_au	N	N	N	N
cvss2_vuldb_ci	P	P	P	P
cvss2_vuldb_ii	P	P	P	P
cvss2_vuldb_ai	P	P	P	P
cvss2_vuldb_e	POC	POC	POC	POC
cvss2_vuldb_rc	UR	UR	UR	UR
cvss4_vuldb_av	N	N	N	N
cvss4_vuldb_ac	L	L	L	L
cvss4_vuldb_pr	N	N	N	N
cvss4_vuldb_ui	N	N	N	N
cvss4_vuldb_vc	L	L	L	L
cvss4_vuldb_vi	L	L	L	L
cvss4_vuldb_va	L	L	L	L
cvss4_vuldb_e	P	P	P	P
cvss2_vuldb_rl	ND	ND	ND	ND
cvss3_vuldb_rl	X	X	X	X
cvss4_vuldb_at	N	N	N	N
cvss4_vuldb_sc	N	N	N	N
cvss4_vuldb_si	N	N	N	N
cvss4_vuldb_sa	N	N	N	N
cvss2_vuldb_basescore	7.5	7.5	7.5	7.5
cvss2_vuldb_tempscore	6.4	6.4	6.4	6.4
cvss3_vuldb_basescore	7.3	7.3	7.3	7.3
cvss3_vuldb_tempscore	6.6	6.6	6.6	6.6
cvss3_meta_basescore	7.3	7.3	7.3	8.1
cvss3_meta_tempscore	6.6	6.6	6.9	7.9
cvss4_vuldb_bscore	6.9	6.9	6.9	6.9
cvss4_vuldb_btscore	5.5	5.5	5.5	5.5
advisory_date	1748988000 (04/06/2025)	1748988000 (04/06/2025)	1748988000 (04/06/2025)	1748988000 (04/06/2025)
price_0day	$0-$5k	$0-$5k	$0-$5k	$0-$5k
euvd_id		EUVD-2025-16896	EUVD-2025-16896	EUVD-2025-16896
cve_nvd_summary			A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component HOST Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.	A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component HOST Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
cve_nvd_summaryes			Se encontró una vulnerabilidad, clasificada como crítica, en FreeFloat FTP Server 1.0. Esta afecta a una parte desconocida del componente HOST Command Handler. La manipulación provoca un desbordamiento del búfer. Es posible iniciar el ataque de forma remota. Se ha hecho público el exploit y puede que sea utilizado.	Se encontró una vulnerabilidad, clasificada como crítica, en FreeFloat FTP Server 1.0. Esta afecta a una parte desconocida del componente HOST Command Handler. La manipulación provoca un desbordamiento del búfer. Es posible iniciar el ataque de forma remota. Se ha hecho público el exploit y puede que sea utilizado.
cvss4_cna_av			N	N
cvss4_cna_ac			L	L
cvss4_cna_at			N	N
cvss4_cna_pr			N	N
cvss4_cna_ui			N	N
cvss4_cna_vc			L	L
cvss4_cna_vi			L	L
cvss4_cna_va			L	L
cvss4_cna_sc			N	N
cvss4_cna_si			N	N
cvss4_cna_sa			N	N
cvss4_cna_bscore			6.9	6.9
cvss3_cna_av			N	N
cvss3_cna_ac			L	L
cvss3_cna_pr			N	N
cvss3_cna_ui			N	N
cvss3_cna_s			U	U
cvss3_cna_c			L	L
cvss3_cna_i			L	L
cvss3_cna_a			L	L
cvss3_cna_basescore			7.3	7.3
cvss2_cna_av			N	N
cvss2_cna_ac			L	L
cvss2_cna_au			N	N
cvss2_cna_ci			P	P
cvss2_cna_ii			P	P
cvss2_cna_ai			P	P
cvss2_cna_basescore			7.5	7.5
cvss3_nvd_av				N
cvss3_nvd_ac				L
cvss3_nvd_pr				N
cvss3_nvd_ui				N
cvss3_nvd_s				U
cvss3_nvd_c				H
cvss3_nvd_i				H
cvss3_nvd_a				H
cvss3_nvd_basescore				9.8

◂ Distreiñ Alc'hwezerezh Kenderc'hel ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!