Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Primary

Context

Turbo FTP Server Buffer Overflow Vulnerability in PORT Command Allowing Remote Code Execution

Vulnerability

Exploited

A buffer overflow vulnerability has been identified in Turbo FTP Server versions 1.30.823 and 1.30.826. The issue arises in the handling of the PORT command, where an unauthenticated remote attacker can send a specially crafted payload to overwrite memory structures. This exploitation allows for arbitrary code execution with SYSTEM privileges.

Impact

Exploitation of this vulnerability leads to a buffer overflow, allowing for arbitrary code execution with SYSTEM privileges on the affected machine.

Reproduction

The vulnerability can be reproduced by sending a crafted PORT command that exploits the buffer overflow. This can be done using a Metasploit module designed for this purpose, which automates the exploitation process by sending the appropriate payloads to the FTP server.

Added: Aug 5, 2025, 8:50 PM

Updated: Aug 5, 2025, 10:33 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

9.1

remediation

0.0

relevance

0.3

threat

9.1

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

9.1

remediation

0.0

relevance

0.3

threat

9.1

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Actively Exploited in the Wild

Turbo FTP Server Buffer Overflow Vulnerability in PORT Command Allowing Remote Code Execution

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating