CVE-2014-125114
Published 2025-07-25
Priority: P3 49 · high 8.4 · CVSS 4.0
CVSS vector: AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N (all remaining metrics X, not defined)
EXPLOIT
EPSS: 0.62% (45.1th percentile)
A stack-based buffer overflow vulnerability exists in i-Ftp version 2.20 due to improper handling of the Time attribute within Schedule.xml. By placing a specially crafted Schedule.xml file in the i-Ftp application directory, a remote attacker can trigger a buffer overflow during scheduled download parsing, potentially leading to arbitrary code execution or a crash.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| i-ftp | i-ftp | — | — |
Detection & IOCs (extracted from sources)
- Monitor for creation or modification of Schedule.xml in the i-FTP application directory, especially files containing an abnormally long 'Time' attribute value.
- Alert on stack-based buffer overflow conditions triggered during i-Ftp scheduled download parsing, particularly on Windows XP SP3 targets running i-Ftp v2.20.
- Inspect Schedule.xml files placed in the i-FTP folder for a long/oversized 'Time' attribute value as the overflow trigger.
- Exploitation requires the victim to place the malicious Schedule.xml in the i-FTP application directory; this is a file-plant/social-engineering vector, not a direct network exploit.
- The Metasploit module was only validated on Windows XP SP3; exploitation reliability on other Windows versions is unconfirmed.
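A triage sketch for the Schedule.xml inspection described above, added here as an example and not taken from the advisory or any vendor tooling. The 64-byte threshold and the element layout in the samples are assumptions; the page specifies only that the `Time` attribute is the trigger.

```python
import re
from pathlib import Path

# Assumption: a legitimate schedule time is a short timestamp, so a value
# longer than this many bytes is flagged. The page gives no exact limit.
MAX_TIME_LEN = 64

# Works on raw bytes so a malformed file still gets inspected. Accepts a
# value whose closing quote is missing (runs to end of file).
TIME_ATTR = re.compile(rb"""\bTime\s*=\s*(["'])(.*?)(?:\1|\Z)""",
                       re.IGNORECASE | re.DOTALL)


def oversized_time_values(data: bytes, limit: int = MAX_TIME_LEN):
    """Return (offset, length, has_non_printable) per Time value over limit."""
    findings = []
    for m in TIME_ATTR.finditer(data):
        value = m.group(2)
        if len(value) > limit:
            binary = any(b < 0x20 or b > 0x7E for b in value)
            findings.append((m.start(), len(value), binary))
    return findings


def scan_directory(app_dir: str, limit: int = MAX_TIME_LEN):
    """Map each Schedule.xml under app_dir (any case) to its findings."""
    results = {}
    for path in Path(app_dir).rglob("*"):
        if path.is_file() and path.name.lower() == "schedule.xml":
            hits = oversized_time_values(path.read_bytes(), limit)
            if hits:
                results[str(path)] = hits
    return results


if __name__ == "__main__":
    # Constructed samples; element and attribute layout is hypothetical.
    normal = b'<Schedule><Event Url="ftp://example.invalid/a" Time="2014/11/06 10:00" /></Schedule>'
    padded = b'<Schedule><Event Time="' + b"A" * 600 + b'" /></Schedule>'
    print(oversized_time_values(normal))
    print(oversized_time_values(padded))
```

Run `scan_directory` against the i-FTP application directory on a schedule or from a file-change hook; a non-empty result is a reason to quarantine the file before the client parses it.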
No detection rules found.
No writeups or analysis indexed.
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/iftp_schedule_bof.rb
- https://www.exploit-db.com/exploits/35177
- https://www.exploit-db.com/exploits/35671
- https://www.vulncheck.com/advisories/iftp-schedule-stack-based-buffer-overflow