Core FTP/SFTP Server Buffer Overflow Vulnerability Leading to Denial-of-Service

Vulnerability

A buffer overflow vulnerability has been identified in Core FTP/SFTP Server version 1.2, Build 589.42. An attacker can crash the service by entering an excessively long string, approximately 7000 bytes, into the User domain field. The overflow occurs in the domain configuration and results in an application crash and a denial-of-service condition.

Impact

Exploitation of this vulnerability causes the application to crash, leading to a denial-of-service condition where the FTP/SFTP service becomes unavailable.

Reproduction

To reproduce this vulnerability, paste a payload of 7000 bytes into the User domain field of the Core FTP/SFTP Server application. After entering the payload, the application will crash, demonstrating the denial-of-service condition.

Added: Mar 30, 2026, 12:19 PM
Updated: Mar 30, 2026, 12:19 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 5.6
remediation: 0.0
relevance: 4.9
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.