cbcvebase.
CVE-2011-10029
published 2025-08-20


Priority P2 58 · high 8.7 · CVSS 4.0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EXPLOIT
EPSS: 0.68% (47.5th percentile)
Solar FTP Server fails to properly handle format strings passed to the USER command. When a specially crafted string containing format specifiers is sent, the server crashes due to a read access violation in the __output_1() function of sfsservice.exe. This results in a denial of service (DoS) condition.

Affected

1 ranges
Vendor | Product | Version range | Fixed in
flexbyte_software | solar_ftp_server | <= 2.1.1 |

Detection & IOCs (extracted from sources)

command: USER %s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s
process: sfsservice.exe
  • Monitor FTP USER commands containing format specifier characters (e.g., %s, %x, %n) sent to Solar FTP Server; such input triggers a read access violation in __output_1() of sfsservice.exe
  • Alert on unexpected termination or crash of the sfsservice.exe process, which is indicative of successful DoS exploitation
  • Vulnerability affects Solar FTP Server versions 2.1.1 and earlier only; verify target version before applying detections
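
A sketch of the first detection above, as an added example that is not part of the original entry: it flags FTP USER commands whose argument contains printf-style conversion specifiers. The log layout (timestamp, source address, raw command), the sample lines and the function names are assumptions constructed for illustration.

```python
import re

# printf-style conversion: % [flags] [width] [.precision] [length] conversion.
# A doubled "%%" is a literal percent sign and is stripped before matching.
FORMAT_SPEC = re.compile(
    r"%[-+ #0]*(?:\d+|\*)?(?:\.(?:\d+|\*))?(?:hh|h|ll|l|L|j|z|t)?"
    r"[diouxXeEfFgGaAcspn]"
)
# FTP command verbs are case-insensitive, so "user" must match as well.
USER_CMD = re.compile(r"^\s*USER\s+(?P<arg>.*?)\s*$", re.IGNORECASE)


def user_format_specifiers(command):
    """Return the conversion specifiers found in a USER command's argument."""
    m = USER_CMD.match(command)
    if not m:
        return []
    return FORMAT_SPEC.findall(m.group("arg").replace("%%", ""))


def scan(log_lines):
    """Yield one alert per log line whose USER argument carries specifiers.

    Assumed (constructed) line layout: "<timestamp> <source-ip> <raw command>".
    """
    alerts = []
    for line in log_lines:
        parts = line.split(None, 2)
        if len(parts) < 3:
            continue  # malformed or empty line
        ts, src, command = parts
        specs = user_format_specifiers(command)
        if specs:
            alerts.append({"time": ts, "src": src,
                           "count": len(specs), "kinds": sorted(set(specs))})
    return alerts


# Constructed sample input (documentation address ranges, not real traffic).
SAMPLE = [
    "2025-08-20T10:00:01Z 192.0.2.10 USER alice",
    "2025-08-20T10:00:05Z 198.51.100.7 USER %s%s%s%s",
    "2025-08-20T10:00:09Z 198.51.100.7 user bob%08x",
    "2025-08-20T10:00:12Z 192.0.2.10 USER 100%%legit",
    "2025-08-20T10:00:15Z 192.0.2.10 PASS %s%s",
]

if __name__ == "__main__":
    for alert in scan(SAMPLE):
        print(alert)
```

Correlating these alerts with an unexpected exit of sfsservice.exe shortly afterwards covers the second detection in the list.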