Critical Buffer Overflow CVE-2018-25254 in NICO-FTP Enables Remote Code Execution

Sunday, April 5, 2026
Global
NVD

Summary

CVE-2018-25254 is a critical structured exception handler (SEH) buffer overflow vulnerability in NICO-FTP 3.0.1.19 that allows remote attackers to execute arbitrary code via crafted FTP commands. The vulnerability has a CVSS score of 9.8 and a public exploit is available on Exploit-DB.

Threat Analysis

CVE-2018-25254 is a critical structured exception handler (SEH) buffer overflow vulnerability in NICO-FTP version 3.0.1.19 with a CVSS score of 9.8. Remote attackers can exploit this flaw by sending specially crafted FTP commands to the application, triggering a buffer overflow that overwrites the SEH chain and enables arbitrary code execution.

Affected Products: NICO-FTP version 3.0.1.19.

Exploitation: A public exploit is available on Exploit-DB (EDB-45442). The vulnerability requires network access but no authentication, and has low attack complexity.

Recommended Mitigations: Discontinue use of NICO-FTP 3.0.1.19 and upgrade to a patched version or migrate to a supported FTP client. Apply network-level controls to restrict FTP access to trusted hosts. Monitor for anomalous FTP traffic patterns that may indicate exploitation attempts.
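One way to act on the monitoring recommendation, as an added example that is not part of the original advisory: a Python check over a reassembled FTP control-channel byte stream that flags oversized lines and non-text bytes. The 512-byte threshold, the function names and the sample stream are assumptions constructed for illustration.

```python
"""Flag FTP control-channel lines that are abnormally long or carry non-text bytes."""
from typing import Iterator, NamedTuple

# Assumption: tuning value, not taken from the advisory. Legitimate FTP commands
# and replies are short text lines; raise it if long paths are normal for you.
MAX_LINE_BYTES = 512


class Finding(NamedTuple):
    line_no: int
    length: int
    reasons: tuple


def split_lines(stream: bytes) -> Iterator[bytes]:
    """Split a reassembled control-channel stream on CRLF (or bare LF)."""
    for raw in stream.split(b"\n"):
        line = raw.rstrip(b"\r")
        if line:
            yield line


def inspect_stream(stream: bytes, max_len: int = MAX_LINE_BYTES) -> list:
    """Return a Finding for every line that is oversized or not plain text."""
    findings = []
    for no, line in enumerate(split_lines(stream), start=1):
        reasons = []
        if len(line) > max_len:
            reasons.append("oversized-line")
        # The control channel is text. Bytes outside printable ASCII (tab allowed)
        # are flagged; UTF-8 file names can cause false positives here.
        if any(b != 0x09 and not 0x20 <= b <= 0x7E for b in line):
            reasons.append("non-printable-bytes")
        if reasons:
            findings.append(Finding(no, len(line), tuple(reasons)))
    return findings


# Constructed sample: benign session lines, one padded line, one binary line.
SAMPLE = (
    b"220 Service ready\r\n"
    b"USER anonymous\r\n"
    b"331 Password required\r\n"
    b"220 " + b"A" * 2000 + b"\r\n"
    b"PWD \x00\x81\xfe\r\n"
)

if __name__ == "__main__":
    for f in inspect_stream(SAMPLE):
        print(f"line {f.line_no}: {f.length} bytes, {', '.join(f.reasons)}")
```

The check is direction-agnostic, so it can be run over both client commands and server replies captured from the control connection.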

Last updated: Apr 5, 2026, 08:15 AM
