Description

A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component HOST Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Es wurde eine kritische Schwachstelle in FreeFloat FTP Server 1.0 gefunden. Betroffen hiervon ist ein unbekannter Ablauf der Komponente HOST Command Handler. Durch Beeinflussen mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung.

Classification

CVE ID: CVE-2025-5593

CVSS Base Severity: MEDIUM

CVSS Base Score: 6.9

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Products

Vendor: FreeFloat

Product: FTP Server

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.04% (scored less or equal to compared to others)

EPSS Date: 2025-06-07 (when was this score calculated)

Stakeholder-Specific Vulnerability Categorization (SSVC)

SSVC Exploitation: poc

SSVC Technical Impact: partial

SSVC Automatable: true

References

https://nvd.nist.gov/vuln/detail/CVE-2025-5593
https://vuldb.com/?id.311079
https://vuldb.com/?ctiid.311079
https://vuldb.com/?submit.587000
https://fitoxs.com/exploit/exploit-9e0f802ba8eab46db6ff5f0c634f96412286b66b33c50a420dd57c1329e3a20d1.txt

Timeline