CVE-2014-125114
published 2025-07-25


Priority: P349, high, 8.4 (CVSS 4.0)
Vector: AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EXPLOIT
EPSS: 0.62% (45.1th percentile)
A stack-based buffer overflow vulnerability exists in i-Ftp version 2.20 due to improper handling of the Time attribute within Schedule.xml. By placing a specially crafted Schedule.xml file in the i-Ftp application directory, a remote attacker can trigger a buffer overflow during scheduled download parsing, potentially leading to arbitrary code execution or a crash.

Affected (1 range)

Vendor | Product | Version range | Fixed in
i-ftp | i-ftp | |

Detection & IOCs (extracted from sources)

filename: Schedule.xml
version: i-Ftp 2.20
  • Monitor for creation or modification of Schedule.xml in the i-FTP application directory, especially files containing an abnormally long 'Time' attribute value.
  • Alert on stack-based buffer overflow conditions triggered during i-Ftp scheduled download parsing, particularly on Windows XP SP3 targets running i-Ftp v2.20.
  • Inspect Schedule.xml files placed in the i-FTP folder for a long/oversized 'Time' attribute value as the overflow trigger.
  • Exploitation requires the victim to place the malicious Schedule.xml in the i-FTP application directory; this is a file-plant/social-engineering vector, not a direct network exploit.
  • The Metasploit module was only validated on Windows XP SP3; exploitation reliability on other Windows versions is unconfirmed.
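
A defender-side check for the "inspect Schedule.xml" items above, as an added example (not code from this page or from i-Ftp). It scans raw bytes instead of parsing XML, because a crafted file may not be well-formed and a strict parser would reject it before the attribute is examined. The 64-byte threshold, the function names and the element names in the samples are assumptions.

```python
import re
from pathlib import Path

# Assumption: illustrative threshold; the page does not state the overflow length.
MAX_TIME_LEN = 64

# Time="..." or Time='...' as a standalone attribute name (not e.g. StartTime).
TIME_ATTR = re.compile(rb"""(?<![\w:.-])Time\s*=\s*(?:"([^"]*)"|'([^']*)')""", re.IGNORECASE)
# Opening quote of a Time attribute; used to catch values that never close.
UNTERMINATED = re.compile(rb"""(?<![\w:.-])Time\s*=\s*(["'])""", re.IGNORECASE)


def scan_schedule_bytes(data, max_len=MAX_TIME_LEN):
    """Return sorted (offset, length, reason) findings for one Schedule.xml body."""
    findings = []
    closed_at = set()
    for m in TIME_ATTR.finditer(data):
        closed_at.add(m.start())
        value = m.group(1) if m.group(1) is not None else m.group(2)
        if len(value) > max_len:
            findings.append((m.start(), len(value), "oversized"))
        elif any(b < 0x20 or b > 0x7E for b in value):
            findings.append((m.start(), len(value), "non-printable"))
    for m in UNTERMINATED.finditer(data):
        if m.start() not in closed_at:
            # No closing quote: report everything up to end of file as the value.
            findings.append((m.start(), len(data) - m.end(), "unterminated"))
    return sorted(findings)


def scan_directory(app_dir, max_len=MAX_TIME_LEN):
    """Scan files named Schedule.xml (any letter case) directly inside app_dir."""
    results = {}
    for path in Path(app_dir).iterdir():
        if path.is_file() and path.name.lower() == "schedule.xml":
            results[str(path)] = scan_schedule_bytes(path.read_bytes(), max_len)
    return results


# Constructed samples; element names are placeholders, not i-Ftp's documented schema.
BENIGN = b'<Schedule><Event Url="ftp://example.invalid/f" Time="12:30" /></Schedule>'
SUSPECT = b'<Schedule><Event Url="" Time="' + b"A" * 600 + b'" /></Schedule>'

if __name__ == "__main__":
    for name, body in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(name, scan_schedule_bytes(body))
```

Run `scan_directory` against the i-FTP application directory from a file-integrity or scheduled-audit job, and tune `MAX_TIME_LEN` to the longest legitimate value seen in your environment.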