CVE-2018-7573

9.8 CRITICAL

📋 TL;DR

CVE-2018-7573 is a buffer overflow vulnerability in FTPShell Client 6.7 that allows a malicious FTP server to crash the client application and potentially execute arbitrary code on the victim's machine. This affects users who connect to untrusted FTP servers using the vulnerable FTPShell Client software.

💻 Affected Systems

Products:
  • FTPShell Client
Versions: 6.7
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects FTPShell Client when connecting to malicious FTP servers. The vulnerability is triggered by the server response.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution leading to complete compromise of the victim machine, data theft, and lateral movement within the network.

🟠 Likely Case: Application crash and denial of service, with potential for code execution if the exploit is weaponized.

🟢 If Mitigated: No impact if the vulnerable software is not used or is properly patched.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit code is publicly available. The vulnerability requires the victim to connect to a malicious FTP server.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: No official vendor advisory found

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available or switching to alternative FTP client software.

🔧 Temporary Workarounds

Use alternative FTP client (windows): Replace FTPShell Client with a different, secure FTP client.

Network filtering (all): Block connections to untrusted FTP servers at the network level.

🧯 If You Can't Patch

  • Discontinue use of FTPShell Client 6.7 immediately
  • Implement application whitelisting to prevent execution of FTPShell Client

🔍 How to Verify

Check if Vulnerable:

Check if FTPShell Client version 6.7 is installed on the system.

Check Version:

Check program properties or About dialog in FTPShell Client interface

Verify Fix Applied:

Verify that FTPShell Client 6.7 has been removed or replaced with alternative software.

📡 Detection & Monitoring

Log Indicators:

  • FTPShell Client crash logs
  • Unexpected application termination events

Network Indicators:

  • Connections to FTP servers followed by application crashes

SIEM Query:

(EventID=1000 OR EventID=1001) AND ProcessName="FTPShell.exe"
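The same hunt run locally against the Windows Application log, as an added PowerShell example that is not part of the original page; it assumes the faulting process is named FTPShell.exe as in the SIEM query above and that the current user can read the Application log.

```powershell
# Added example (not from the original page): list crashes of FTPShell.exe
# recorded as Event ID 1000 (Application Error) or 1001 (Windows Error Reporting).
# Assumption: the binary is named FTPShell.exe; adjust $Process if it differs.
$Process = 'FTPShell.exe'

$Events = Get-WinEvent -FilterHashtable @{
    LogName = 'Application'
    Id      = 1000, 1001
} -ErrorAction SilentlyContinue |
    # Filtering on the message text avoids matching every 1000/1001 event on the host.
    Where-Object { $_.Message -match [regex]::Escape($Process) }

foreach ($e in $Events) {
    # For Event ID 1000 the first event property is the faulting application name;
    # 1001 records carry it only in the message body, so fall back to the filter value.
    $app = if ($e.Id -eq 1000 -and $e.Properties.Count -gt 0) {
        $e.Properties[0].Value
    } else {
        $Process
    }
    [pscustomobject]@{
        Time     = $e.TimeCreated
        EventId  = $e.Id
        App      = $app
        Provider = $e.ProviderName
    }
}
```

Any hit is worth correlating with FTP (TCP/21) connections from the same host around the crash time, matching the network indicator listed above.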
