Platform
windows
Component
core-ftp-sftp-server
Fixed in
2.0.1
CVE-2019-25654 describes a buffer overflow vulnerability affecting Core FTP/SFTP Server version 2-Build 673. The flaw lets an attacker crash the service through the User domain field, resulting in a denial-of-service condition. No active exploitation is currently known, but the ease with which the condition can be triggered warrants prompt attention. A patched version is available to address this issue.
The vulnerability is triggered when an excessively long string, approximately 7000 bytes, is supplied as the User domain configuration parameter. The input exceeds the size of the buffer that receives it, causing a buffer overflow and a crash of the Core FTP/SFTP Server service. The vulnerability does not allow remote code execution, but it can disrupt file transfer operations and potentially lead to data loss. The impact is amplified in environments where Core FTP/SFTP Server manages critical file transfers.
CVE-2019-25654 was published on March 30, 2026. At the time of writing there are no publicly known active campaigns exploiting this vulnerability, and no exploitation details or proof-of-concept (PoC) code have been publicly released. The vulnerability's severity is rated HIGH, indicating a significant risk. It is not currently listed on KEV or EPSS.
Organizations relying on Core FTP/SFTP Server version 2-Build 673 for file transfer operations are at risk. This includes businesses using the server for internal file sharing, external client access, or integration with other applications. Legacy systems or environments with limited patching capabilities are particularly vulnerable.
• windows / supply-chain: Check whether the server process is running.
Get-Process | Where-Object { $_.ProcessName -eq "CoreFTP" }
• windows / supply-chain: Look for application crash events (Application Error, event ID 1000) that name the Core FTP process. Get-WinEvent has no -Filter parameter and crash records do not contain the words "buffer overflow", so filter on the event ID and match the faulting application name in the message instead.
Get-WinEvent -FilterHashtable @{ LogName = 'Application'; Id = 1000 } | Where-Object { $_.Message -match 'CoreFTP' }
• windows / supply-chain: Check Autoruns for any unusual entries related to Core FTP/SFTP Server.
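The checks above can be combined into a single report that counts recent crash events attributed to the server, records whether the process is currently up (repeated crashes with the process still running suggest a restart loop rather than a one-off failure) and captures the running file version for comparison against the fixed release. This is an added example, not code from the advisory or from the Core FTP vendor; the process-name pattern `coreftp` and the threshold of three crashes per window are assumptions that should be adjusted to the deployment.

```powershell
# Added defender-side example; not part of the original advisory.
# Assumption (hypothetical): the Core FTP/SFTP Server process name matches 'coreftp'.
# Set -ProcessPattern to the executable name actually deployed if it differs.

function Get-CoreFtpCrashReport {
    [CmdletBinding()]
    param(
        [string]$ProcessPattern = 'coreftp',
        [int]$Hours = 24
    )

    $since = (Get-Date).AddHours(-$Hours)

    # Event 1000 = Application Error (message names the faulting application/module),
    # event 1001 = Windows Error Reporting record for the same crash.
    $crashEvents = @(
        Get-WinEvent -FilterHashtable @{
            LogName   = 'Application'
            Id        = 1000, 1001
            StartTime = $since
        } -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -match $ProcessPattern }
    )

    $lastCrash = $null
    if ($crashEvents.Count -gt 0) {
        $lastCrash = ($crashEvents | Sort-Object TimeCreated -Descending)[0].TimeCreated
    }

    # Current process state and file version (MainModule may require elevation).
    $procs = @(Get-Process | Where-Object { $_.ProcessName -match $ProcessPattern })
    $version = $null
    if ($procs.Count -gt 0) {
        try { $version = $procs[0].MainModule.FileVersionInfo.FileVersion } catch { }
    }

    [PSCustomObject]@{
        WindowHours    = $Hours
        CrashEvents    = $crashEvents.Count
        LastCrash      = $lastCrash
        ProcessRunning = ($procs.Count -gt 0)
        FileVersion    = $version
        # Assumed threshold: three or more crashes in the window is worth investigating
        # regardless of cause, since a single malformed configuration value is enough
        # to take the service down repeatedly.
        Suspicious     = ($crashEvents.Count -ge 3)
    }
}

# Usage: summarise the last 24 hours.
Get-CoreFtpCrashReport -Hours 24 | Format-List
```

Run the function from an elevated PowerShell session so that the file version of the service process can be read; without elevation the report still returns crash counts and process state, with FileVersion left empty.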
Disclosure
Exploit status
EPSS
0.06% (17th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2019-25654 is to upgrade to a patched version of Core FTP/SFTP Server. However, a fixed version is not currently available. As a workaround, implement strict input validation on the User domain field, limiting the maximum length of the input string. Consider using a Web Application Firewall (WAF) to filter malicious requests. Monitor system logs for suspicious activity related to application crashes. After applying mitigations, verify their effectiveness by attempting to trigger the vulnerability with a long domain string and confirming that the service does not crash.
Update Core FTP/SFTP Server to a version later than 2-Build 673. This fixes the buffer overflow vulnerability in the User domain field.
CVE-2019-25654 is a buffer overflow vulnerability in Core FTP/SFTP Server 2-Build 673 that allows attackers to crash the service by sending a long string to the User domain field.
If you are using Core FTP/SFTP Server version 2-Build 673, you are potentially affected by this vulnerability. Upgrade to a patched version as soon as possible.
Upgrade to a patched version of Core FTP/SFTP Server. Contact the vendor for the latest release. If upgrading is not possible, consider temporary workarounds like input validation.
While no active exploitation is currently known, the vulnerability's simplicity suggests a high likelihood of exploitation. Monitor your systems for suspicious activity.
Refer to the vendor's website or security advisories for the latest information and updates regarding CVE-2019-25654.