CVE-2010-20113

9.8 CRITICAL

📋 TL;DR

This vulnerability allows remote attackers to execute arbitrary code on EasyFTP Server by exploiting a stack-based buffer overflow in the HTTP interface. Attackers can send specially crafted GET requests to list.html with an overly long path parameter, potentially gaining full system control. Organizations running EasyFTP Server 1.7.0.11 or earlier with the web interface exposed are affected.

💻 Affected Systems

Products:
  • EasyFTP Server
Versions: 1.7.0.11 and earlier
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: The embedded HTTP server is enabled by default with anonymous access, making all default installations vulnerable.


⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution leading to complete system compromise, data theft, ransomware deployment, or creation of persistent backdoors.

🟠 Likely Case

Remote code execution with SYSTEM/Administrator privileges, allowing attackers to install malware, exfiltrate data, or pivot to other systems.

🟢 If Mitigated

Denial of service or a crash if the exploit fails, but proper controls should prevent exploitation entirely.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Metasploit module available, exploit requires minimal technical skill, works reliably against vulnerable versions.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.7.0.12 (renamed to UplusFtp)

Vendor Advisory: Not available

Restart Required: Yes

Instructions:

1. Download UplusFtp (successor product) from the official vendor.
2. Uninstall EasyFTP Server completely.
3. Install UplusFtp.
4. Restart the system.
5. Verify the web interface is disabled or properly secured.

🔧 Temporary Workarounds

Disable HTTP Interface

Platform: Windows

Completely disable the embedded web server component to remove the attack surface.

Navigate to the EasyFTP Server configuration, find the HTTP/Web Server settings, and disable all web services.

Network Segmentation

Platform: All

Block external access to the EasyFTP Server HTTP port (default 80/8080) at the firewall.

Firewall rule: Block TCP ports 80 and 8080 to the EasyFTP Server IP from external networks.

🧯 If You Can't Patch

  • Immediately disable the HTTP interface in server configuration
  • Implement strict network segmentation and firewall rules to block all external access to the server

🔍 How to Verify

Check if Vulnerable:

Check EasyFTP Server version in About dialog or program files. Versions 1.7.0.11 or earlier are vulnerable.

Check Version:

Check program files for version.txt or examine About dialog in GUI.

Verify Fix Applied:

Verify installation of UplusFtp or version 1.7.0.12+, test that HTTP interface no longer accepts malicious requests.

📡 Detection & Monitoring

Log Indicators:

  • Unusually long GET requests to list.html
  • Multiple failed requests with long path parameters
  • Server crash/restart events

Network Indicators:

  • HTTP requests with path parameters exceeding normal length (>200 chars) to list.html
  • Traffic patterns matching Metasploit exploit signatures

SIEM Query:

source="easyftp" AND ((url="*list.html*" AND url_length>200) OR (event="crash" AND process="easyftp"))

Note the parentheses: without the outer group, AND binds tighter than OR and the crash clause would match events from any source, not just EasyFTP.
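As an added example (not from the original page), a small Python scanner that applies the log indicators above to constructed access-log lines. It assumes the embedded server writes Common Log Format and that list.html takes a `path` query parameter; neither detail is documented on this page.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumed Common Log Format layout (constructed for this example).
LOG_LINE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<url>\S+) \S+" (?P<status>\d{3})'
)

# Thresholds taken from the ">200 chars" network indicator on this page.
URL_LENGTH_THRESHOLD = 200
PARAM_LENGTH_THRESHOLD = 200


def classify_request(url):
    """Return a reason string if a request to list.html is suspiciously long, else None."""
    parts = urlsplit(url)
    if not parts.path.lower().endswith("list.html"):
        return None  # only list.html is in scope for this CVE
    # Raw URL length catches percent-encoded payloads that decode to something shorter.
    if len(url) > URL_LENGTH_THRESHOLD:
        return f"url_length={len(url)}"
    # Decoded parameter length catches long values regardless of the parameter name.
    for name, values in parse_qs(parts.query, keep_blank_values=True).items():
        longest = max((len(v) for v in values), default=0)
        if longest > PARAM_LENGTH_THRESHOLD:
            return f"param={name} length={longest}"
    return None


def scan_log(lines):
    """Yield (source_ip, timestamp, method, reason) for each suspicious request."""
    alerts = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # skip lines that do not parse; do not silently drop them in production
        reason = classify_request(m["url"])
        if reason:
            alerts.append((m["src"], m["ts"], m["method"], reason))
    return alerts


# Constructed sample log: one benign listing, one unrelated page, one oversized path parameter.
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jan/2010:10:00:00 +0000] "GET /list.html?path=/pub HTTP/1.1" 200',
    '10.0.0.7 - - [01/Jan/2010:10:00:05 +0000] "GET /index.html HTTP/1.1" 200',
    '198.51.100.9 - - [01/Jan/2010:10:00:09 +0000] "GET /list.html?path='
    + "A" * 600 + ' HTTP/1.1" 200',
]
```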
