cbcvebase.
CVE-2010-20108
published 2025-08-21

CVE-2010-20108: FTPPad <= 1.2.0 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and…

PriorityP351high8.4CVSS 4.0
AVLACLATNPRNUIAVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EXPLOIT
EPSS
0.48%
37.5th percentile
FTPPad <= 1.2.0 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessively long directory and filename, the application fails to properly validate input length. This results in a buffer overflow that overwrites the saved Extended Instruction Pointer (EIP), allowing remote attackers to execute arbitrary code.

Affected

1 ranges
VendorProductVersion rangeFixed in
ftppadftppad_ftp_client<= 1.2.0

Detection & IOCsextracted from sources · hover to see the quote

versionFTPPad <= 1.2.0
commandLIST
  • Payload is located at EDX+5c and ESI+5c offsets; a register pivot/sniper technique is required to redirect execution to shellcode.
  • The overflow is triggered server-side via a crafted FTP LIST response containing an excessively long directory and filename, overwriting the saved EIP — monitor FTP LIST responses with abnormally large directory/filename fields directed at FTPPad clients.
  • ·This is a client-side exploit triggered by a malicious FTP server response; the attacker must control or impersonate an FTP server that the victim FTPPad client connects to.
  • ·A Metasploit module exists for this vulnerability (modules/exploits/windows/ftp/ftppad_list_reply.rb), indicating it is weaponized and readily exploitable.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.