A vulnerability was found in FreeFloat FTP Server 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component XMKD Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
History

Tue, 24 Jun 2025 15:45:00 +0000

Type Values Removed Values Added
First Time appeared Freefloat
Freefloat freefloat Ftp Server
CPEs cpe:2.3:a:freefloat:freefloat_ftp_server:1.0:*:*:*:*:*:*:*
Vendors & Products Freefloat
Freefloat freefloat Ftp Server

Thu, 05 Jun 2025 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 05 Jun 2025 15:45:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in FreeFloat FTP Server 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component XMKD Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Title FreeFloat FTP Server XMKD Command buffer overflow
Weaknesses CWE-119
CWE-120
References
Metrics cvssV2_0

{'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P'}

cvssV3_0

{'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L'}

cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2025-06-05T15:31:04.734Z

Updated: 2025-06-05T15:52:00.541Z

Reserved: 2025-06-04T12:50:13.942Z

Link: CVE-2025-5666

cve-icon Vulnrichment

Updated: 2025-06-05T15:51:51.369Z

cve-icon NVD

Status : Analyzed

Published: 2025-06-05T16:15:27.470

Modified: 2025-06-24T15:22:09.833

Link: CVE-2025-5666

cve-icon Redhat

No data.