CVE-2025-5075

7.3 HIGH

📋 TL;DR

CVE-2025-5075 is a critical buffer overflow vulnerability in FreeFloat FTP Server 1.0's DEBUG command handler that allows remote attackers to execute arbitrary code or crash the service. This affects all deployments of FreeFloat FTP Server 1.0 with the vulnerable component enabled. Attackers can exploit this without authentication over the network.

💻 Affected Systems

Products:
  • FreeFloat FTP Server
Versions: 1.0
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: The DEBUG command handler appears to be enabled by default in FreeFloat FTP Server 1.0 installations.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution leading to complete system compromise, data theft, and persistent backdoor installation.

🟠 Likely Case: Service crash causing denial of service, with potential for remote code execution by skilled attackers.

🟢 If Mitigated: At most service disruption, provided exploit attempts are blocked by network controls or the process is protected by DEP/ASLR.

🌐 Internet-Facing: HIGH - Remote unauthenticated exploitation makes internet-facing instances extremely vulnerable.
🏢 Internal Only: HIGH - Internal attackers or compromised internal systems can easily exploit this vulnerability.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit code is available, making this easily weaponizable by attackers with basic skills.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: None

Vendor Advisory: None

Restart Required: No

Instructions:

No official patch exists. FreeFloat FTP Server appears to be abandoned software. Consider migrating to a maintained FTP server solution.

🔧 Temporary Workarounds

Disable DEBUG command (Windows):

  • Remove or disable the DEBUG command handler if the configuration allows it
  • Check the FreeFloat FTP Server configuration files for DEBUG command settings

Network segmentation (all platforms):

  • Restrict access to the FTP server using firewall rules, for example:

netsh advfirewall firewall add rule name="Block FTP" dir=in action=block protocol=TCP localport=21
iptables -A INPUT -p tcp --dport 21 -j DROP

As written, both rules block all inbound connections to TCP port 21; if FTP access must remain available to trusted clients, scope the rule to their source addresses instead of blocking the port outright.

🧯 If You Can't Patch

  • Immediately isolate affected systems from internet and restrict internal network access
  • Deploy intrusion prevention systems (IPS) with rules to detect and block DEBUG command exploitation attempts

🔍 How to Verify

Check if Vulnerable:

Check if FreeFloat FTP Server 1.0 is installed and running on port 21/TCP. Test with DEBUG command if accessible.

Check Version:

Check program files directory for FreeFloat FTP Server executable properties or installation logs.

Verify Fix Applied:

Verify FreeFloat FTP Server is no longer in use or has been replaced with secure alternative.

📡 Detection & Monitoring

Log Indicators:

  • DEBUG command usage in FTP logs
  • Multiple connection attempts followed by service crashes

Network Indicators:

  • Unusual DEBUG command traffic to FTP port 21
  • Patterns matching known exploit payloads

SIEM Query (illustrative pseudo-syntax; adapt the field names to your platform):

source="ftp.log" AND command="DEBUG" AND (payload_length>100 OR contains(buffer))
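The detection logic described above, as an added Python example that is not part of this advisory: it parses FTP command log lines, flags DEBUG commands whose argument exceeds the page's 100-byte threshold, and counts DEBUG usage per client so repeated probing stands out. The log format and the sample lines are constructed for illustration and are not real FreeFloat FTP Server output.

```python
import re
from collections import Counter
from typing import Dict, List, Optional

# Constructed sample log lines (hypothetical format: date, time, client IP, command, argument).
# They are not real FreeFloat FTP Server output.
SAMPLE_LOG = [
    "2025-06-01 12:00:01 192.0.2.10 USER anonymous",
    "2025-06-01 12:00:02 192.0.2.10 PASS guest",
    "2025-06-01 12:00:03 192.0.2.10 DEBUG on",
    "2025-06-01 12:00:09 198.51.100.7 DEBUG " + "A" * 300,
    "2025-06-01 12:00:10 198.51.100.7 DEBUG " + "B" * 1200,
    "2025-06-01 12:00:11 192.0.2.10 QUIT",
]

LINE_RE = re.compile(r"^(?P<ts>\S+ \S+) (?P<ip>\S+) (?P<cmd>[A-Za-z]+)(?: (?P<arg>.*))?$")

# Threshold taken from the advisory's SIEM query (payload_length > 100).
LONG_ARG_THRESHOLD = 100


def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Split one log line into timestamp, client IP, command and argument; None if unparseable."""
    m = LINE_RE.match(line.rstrip("\r\n"))
    if not m:
        return None
    rec = m.groupdict()
    rec["arg"] = rec["arg"] or ""      # commands without an argument (QUIT) get an empty string
    rec["cmd"] = rec["cmd"].upper()    # FTP commands are case-insensitive
    return rec


def find_suspicious_debug(lines: List[str], threshold: int = LONG_ARG_THRESHOLD) -> List[Dict]:
    """Return one finding per DEBUG command whose argument length exceeds the threshold."""
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["cmd"] != "DEBUG":
            continue
        if len(rec["arg"]) > threshold:
            findings.append({"ts": rec["ts"], "ip": rec["ip"], "arg_len": len(rec["arg"])})
    return findings


def debug_count_by_source(lines: List[str]) -> Dict[str, int]:
    """Count every DEBUG command per client IP (long or not) to surface repeated probing."""
    counts: Counter = Counter()
    for line in lines:
        rec = parse_line(line)
        if rec and rec["cmd"] == "DEBUG":
            counts[rec["ip"]] += 1
    return dict(counts)


if __name__ == "__main__":
    for f in find_suspicious_debug(SAMPLE_LOG):
        print(f"{f['ts']} {f['ip']} DEBUG argument of {f['arg_len']} bytes exceeds {LONG_ARG_THRESHOLD}")
    print(debug_count_by_source(SAMPLE_LOG))
```

A legitimate "DEBUG on" is not flagged by the length check, so the per-source count is what separates ordinary use from a client sending many DEBUG commands.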
