CVE-2025-5109
Published: 2025-05-23
Priority: P2 · 60 · critical · 9.8 (CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS: 0.60% (44.0th percentile)
A vulnerability classified as critical has been found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component STATUS Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| freefloat | freefloat_ftp_server | — | — |
| freefloat | ftp_server | — | — |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v4.0 | 6.9 | MEDIUM | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
GHSA
GHSA-m4g8-47g2-j394: A vulnerability classified as critical has been found in FreeFloat FTP Server 1
ghsa_unreviewed·2025-05-23
CVE-2025-5109 [MEDIUM] CWE-119 GHSA-m4g8-47g2-j394: A vulnerability classified as critical has been found in FreeFloat FTP Server 1
Citrix
Citrix Security Bulletin CTX214006
vendor_citrix·CVSS 4.3
CVE-2016-5109 [MEDIUM] Citrix Security Bulletin CTX214006
CVE References: CVE-2016-5109, CVE-2025-12101, CVE-2025-62626, CVE-2026-23554, CVE-2026-3055, CVE-2026-4368, CVE-2026-4397
Affected Products: Citrix ADM, Citrix Hypervisor, Citrix Virtual Apps and Desktops, Endpoint Management, NetScaler ADC, NetScaler Gateway, XenServer
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://fitoxs.com/exploit/exploit-0420d1a7d4e6b45cf1f0b87c2d580c4df77281242d0e9d1b77d7e2fd08f3a41d.txt
https://vuldb.com/?ctiid.310086
https://vuldb.com/?id.310086
https://vuldb.com/?submit.581298
2025-05-23
Published