CVE-2025-5595

7.3 HIGH

📋 TL;DR

CVE-2025-5595 is a critical buffer overflow vulnerability in FreeFloat FTP Server 1.0's PROGRESS command handler that allows remote attackers to execute arbitrary code or crash the service. This affects all deployments of FreeFloat FTP Server 1.0. The vulnerability is remotely exploitable without authentication.

💻 Affected Systems

Products:
  • FreeFloat FTP Server
Versions: 1.0
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of FreeFloat FTP Server 1.0 are vulnerable regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution leading to complete system compromise, data theft, or ransomware deployment.

🟠 Likely Case: Service disruption through denial of service (crash) or limited code execution for foothold establishment.

🟢 If Mitigated: If network segmentation and strict firewall rules are in place, impact is limited to the FTP service itself.

🌐 Internet-Facing: HIGH - Remote unauthenticated exploitation makes internet-facing instances extremely vulnerable.
🏢 Internal Only: MEDIUM - Internal network exposure still presents risk but with reduced attack surface.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit code is available, making exploitation trivial for attackers.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: N/A

Vendor Advisory: N/A

Restart Required: No

Instructions:

No official patch exists. Consider migrating to a supported FTP server solution.

🔧 Temporary Workarounds

Network Segmentation and Firewall Rules (Windows)

Block external access to FreeFloat FTP Server ports (default TCP 21) and restrict internal access to trusted IPs only. Note that the rule below blocks all inbound connections to TCP 21 on the host, trusted internal sources included.

netsh advfirewall firewall add rule name="Block FreeFloat FTP" dir=in action=block protocol=TCP localport=21

Disable FreeFloat FTP Service (Windows)

Stop and disable the FreeFloat FTP Server service (service name FreeFloatFTPServer in the commands below) to prevent exploitation.

sc stop FreeFloatFTPServer
sc config FreeFloatFTPServer start= disabled

🧯 If You Can't Patch

  • Replace FreeFloat FTP Server with a maintained alternative like FileZilla Server, vsftpd, or ProFTPD
  • Implement strict network access controls and monitor for exploitation attempts

🔍 How to Verify

Check if Vulnerable:

Check if FreeFloat FTP Server 1.0 is installed and running on the system.

Check Version:

Check Windows Services for 'FreeFloat FTP Server' or examine installed programs in Control Panel.

Verify Fix Applied:

Verify the service is stopped/disabled or replaced with alternative software.
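The following PowerShell script is an added example (not from the advisory or the FreeFloat project) that ties the "How to Verify" checks to the two workarounds above: it reports whether the service is installed, running or listening on TCP 21, applies the stop/disable and firewall-block steps, and re-checks afterwards. It assumes the service name FreeFloatFTPServer used in the advisory's sc commands, that the installed-program entry contains the string "FreeFloat", and the rule name "Block FreeFloat FTP" from the netsh command.

```powershell
#Requires -RunAsAdministrator
# Added example, not the advisory's or the vendor's code.
# Assumptions: service name "FreeFloatFTPServer" (from the advisory's sc commands);
# the Programs-and-Features entry contains "FreeFloat"; rule name matches the netsh rule.

$ServiceName = 'FreeFloatFTPServer'
$RuleName    = 'Block FreeFloat FTP'

function Get-FreeFloatState {
    # "Check if Vulnerable" / "Check Version": service, installed program, TCP/21 listener, block rule.
    $svc  = Get-Service -Name $ServiceName -ErrorAction SilentlyContinue
    $keys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
            'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    $apps = Get-ItemProperty -Path $keys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like '*FreeFloat*' } |
        Select-Object DisplayName, DisplayVersion, InstallLocation
    $listener = Get-NetTCPConnection -LocalPort 21 -State Listen -ErrorAction SilentlyContinue
    $rule     = Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue

    [pscustomobject]@{
        ServiceFound   = [bool]$svc
        ServiceStatus  = if ($svc) { $svc.Status.ToString() }    else { 'n/a' }
        StartupType    = if ($svc) { $svc.StartType.ToString() } else { 'n/a' }
        InstalledApps  = @($apps)
        Port21Listener = [bool]$listener
        BlockRuleOn    = [bool]($rule -and "$($rule.Enabled)" -eq 'True')
    }
}

function Invoke-FreeFloatWorkarounds {
    # Workaround: stop and disable the service (same effect as the advisory's sc commands).
    if (Get-Service -Name $ServiceName -ErrorAction SilentlyContinue) {
        Stop-Service -Name $ServiceName -Force -ErrorAction SilentlyContinue
        Set-Service  -Name $ServiceName -StartupType Disabled
    }
    # Workaround: block inbound TCP/21, equivalent to the advisory's netsh rule.
    # The rule is recreated so the script can be re-run safely.
    Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue | Remove-NetFirewallRule
    New-NetFirewallRule -DisplayName $RuleName -Direction Inbound -Action Block `
        -Protocol TCP -LocalPort 21 -Profile Any | Out-Null
}

$before = Get-FreeFloatState
Write-Host "Before: $($before | ConvertTo-Json -Compress)"

if ($before.ServiceFound -or $before.Port21Listener) {
    Invoke-FreeFloatWorkarounds
    $after = Get-FreeFloatState
    Write-Host "After:  $($after | ConvertTo-Json -Compress)"

    # "Verify Fix Applied": not running, not set to start, and the block rule is active.
    $fixed = ($after.ServiceStatus -ne 'Running') -and
             ($after.StartupType -eq 'Disabled' -or -not $after.ServiceFound) -and
             $after.BlockRuleOn
    if ($fixed) { Write-Host 'Workarounds applied and verified.' }
    else        { Write-Warning 'Workarounds incomplete; review the state above.' }
} else {
    Write-Host 'FreeFloat FTP Server not detected on this host.'
}
```

Run it from an elevated PowerShell session on each host where FreeFloat FTP Server may be installed. The "After" state doubles as evidence for the "Verify Fix Applied" step; replacing the product with a maintained FTP server, as the advisory recommends, still leaves the firewall rule in place, which is harmless if the replacement does not use TCP 21 and must be adjusted if it does.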

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed connection attempts to FTP port
  • Unusual PROGRESS command usage patterns
  • Service crash events in Windows Event Log

Network Indicators:

  • Unusual traffic to FTP port 21 from untrusted sources
  • Buffer overflow patterns in FTP protocol traffic

SIEM Query:

source="windows" AND ((event_id=7036 AND service_name="FreeFloat FTP Server") OR (event_id=4625 AND destination_port=21))
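As an added example (not from the advisory), the script below turns the log and network indicators above into a local triage check. It pulls Service Control Manager events about the FreeFloat FTP service from the System log (the 7036 state-change events named in the SIEM query, plus 7034 "service terminated unexpectedly", which is the direct crash signal) and summarises inbound TCP/21 connection attempts per source from the Windows Firewall log, flagging sources outside a trusted list. Assumptions: the service display name contains "FreeFloat"; the trusted-source addresses are placeholders; the firewall log path is the Windows default; the sample log lines embedded at the bottom are constructed and are only used when no firewall log exists on the host.

```powershell
# Added example, not the advisory's or the vendor's code.
# Assumptions: service display name contains "FreeFloat"; trusted sources and
# sample firewall log lines below are constructed placeholders.
param(
    [int]$Hours = 24,
    [string[]]$TrustedSources = @('10.0.0.5', '10.0.0.6'),   # placeholder: your admin hosts
    [string]$FirewallLog = "$env:windir\System32\LogFiles\Firewall\pfirewall.log"
)

$since = (Get-Date).AddHours(-$Hours)

function Get-FreeFloatServiceEvents {
    # 7036: "The <service> service entered the <state> state."
    # 7034: "The <service> service terminated unexpectedly." (crash)
    Get-WinEvent -FilterHashtable @{
        LogName = 'System'; ProviderName = 'Service Control Manager'
        Id = 7034, 7036; StartTime = $since
    } -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -like '*FreeFloat*' } |
        Select-Object TimeCreated, Id, Message
}

function Get-Port21Attempts {
    param([string[]]$Lines)
    # pfirewall.log fields: date time action protocol src-ip dst-ip src-port dst-port ...
    $Lines |
        Where-Object { $_ -and -not $_.StartsWith('#') } |
        ForEach-Object {
            $f = $_ -split '\s+'
            if ($f.Count -ge 8 -and $f[3] -eq 'TCP' -and $f[7] -eq '21') {
                [pscustomobject]@{ Time = "$($f[0]) $($f[1])"; Action = $f[2]; Source = $f[4] }
            }
        } |
        Group-Object Source | ForEach-Object {
            [pscustomobject]@{
                Source   = $_.Name
                Attempts = $_.Count
                Allowed  = @($_.Group | Where-Object Action -eq 'ALLOW').Count
                Dropped  = @($_.Group | Where-Object Action -eq 'DROP').Count
                Trusted  = $_.Name -in $TrustedSources
            }
        } | Sort-Object Attempts -Descending
}

# --- Log indicators: service stop/crash events ---
$svcEvents = @(Get-FreeFloatServiceEvents)
$svcEvents | Format-Table -AutoSize -Wrap
$crashes = @($svcEvents | Where-Object { $_.Id -eq 7034 -or $_.Message -like '*stopped*' }).Count
if ($crashes -gt 0) {
    Write-Warning "$crashes FreeFloat FTP stop/crash event(s) in the last $Hours h; correlate with the TCP/21 sources below."
}

# --- Network indicators: who is reaching TCP/21 ---
# Constructed sample, used only when Windows Firewall logging is not enabled on this host.
$sample = @'
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2025-06-01 10:15:01 ALLOW TCP 10.0.0.5 10.0.0.20 51522 21 0 - 0 0 0 - - - RECEIVE
2025-06-01 10:15:07 ALLOW TCP 203.0.113.44 10.0.0.20 40001 21 0 - 0 0 0 - - - RECEIVE
2025-06-01 10:15:08 ALLOW TCP 203.0.113.44 10.0.0.20 40002 21 0 - 0 0 0 - - - RECEIVE
2025-06-01 10:15:09 DROP TCP 203.0.113.44 10.0.0.20 40003 21 0 - 0 0 0 - - - RECEIVE
'@
$lines    = if (Test-Path $FirewallLog) { Get-Content $FirewallLog } else { $sample -split "`r?`n" }
$attempts = Get-Port21Attempts -Lines $lines
$attempts | Format-Table -AutoSize
$attempts | Where-Object { -not $_.Trusted -and $_.Attempts -ge 2 } | ForEach-Object {
    Write-Warning "Untrusted source $($_.Source) made $($_.Attempts) TCP/21 connection attempt(s)."
}
```

Windows Firewall logging of dropped and allowed connections is off by default, so the network half only produces real data on hosts where it has been enabled; on the constructed sample, 203.0.113.44 is reported as an untrusted source with three attempts and 10.0.0.5 as trusted. A stop or 7034 event that coincides with a burst of connections from one untrusted source is the pattern to escalate.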
