Platform: windows
Component: nico-ftp
Fixed in: 3.0.2
CVE-2018-25254 describes a critical buffer overflow vulnerability affecting NICO-FTP versions 3.0.1.19 through 3.0.1.19. This flaw allows a remote attacker to execute arbitrary code on a vulnerable system. The vulnerability stems from improper handling of FTP commands, specifically oversized data in response handlers, which can lead to SEH pointer overwrites. A patch is required to address this security issue.
The impact of CVE-2018-25254 is severe. A successful exploit allows an attacker to gain complete control of the affected system. This could involve installing malware, stealing sensitive data, or using the compromised system as a launchpad for further attacks within the network. The ability to overwrite SEH pointers is a particularly dangerous characteristic, as it provides a reliable mechanism for code execution. Exploitation is likely to be straightforward given the vulnerability's nature and the potential for crafting malicious FTP commands.
CVE-2018-25254 was published on 2026-04-04. The vulnerability's ease of exploitation and the potential for remote code execution suggest a medium probability of exploitation. Public proof-of-concept (POC) code may exist or be developed, increasing the risk. The vulnerability is not currently listed on the CISA KEV catalog.
Exploit Status: EPSS 0.23% (46th percentile)
The primary mitigation for CVE-2018-25254 is to upgrade to a patched version of NICO-FTP. Unfortunately, a specific fixed version is not provided in the data. If upgrading is not immediately feasible, consider temporarily disabling the FTP service to prevent potential exploitation. Enforcing strict length and format checks on FTP commands and responses before they reach the affected handlers can also reduce the attack surface, although this is not a complete solution. Monitor FTP logs for unusual activity or abnormally large data transfers that could indicate an attempted exploit.
Update to a patched version of NICO-FTP that addresses the buffer overflow vulnerability. Refer to the vendor's documentation or website for information on available updates. As an additional security measure, disable the NICO-FTP service until the update can be applied.
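The flaw described above is oversized data reaching a fixed-size buffer in a response handler, and the interim mitigation asks for strict input checks. The following is an added illustration of that check, not code from NICO-FTP: a reply-line handler that refuses to copy a line unless it fits, with the line limit, function names and sample reply being assumptions made for the example.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Upper bound imposed on a single FTP reply line. RFC 959 does not bound
 * reply length, so the handler must enforce its own limit (this value is
 * an assumption for the example, not NICO-FTP's). */
#define FTP_MAX_LINE 512

enum ftp_status { FTP_OK = 0, FTP_TOO_LONG = -1, FTP_MALFORMED = -2 };

/* Copy one reply line into a caller-provided fixed buffer only after
 * checking that it fits. An oversized line is rejected and nothing is
 * copied, so the length chosen by the remote side never decides how much
 * is written into the buffer. */
int ftp_parse_reply(const char *line, char *out, size_t out_len, int *code)
{
    size_t n = strcspn(line, "\r\n");          /* bytes before end-of-line */
    if (n >= FTP_MAX_LINE || n >= out_len)
        return FTP_TOO_LONG;
    if (n < 3 || !isdigit((unsigned char)line[0]) ||
        !isdigit((unsigned char)line[1]) || !isdigit((unsigned char)line[2]))
        return FTP_MALFORMED;
    memcpy(out, line, n);
    out[n] = '\0';
    *code = (line[0] - '0') * 100 + (line[1] - '0') * 10 + (line[2] - '0');
    return FTP_OK;
}

/* Constructed sample: a well-formed "220" reply padded far past the limit,
 * standing in for an oversized server response. */
const char *oversized_reply(void)
{
    static char buf[2048];
    memset(buf, 'A', sizeof buf - 1);
    memcpy(buf, "220 ", 4);
    buf[sizeof buf - 3] = '\r';
    buf[sizeof buf - 2] = '\n';
    buf[sizeof buf - 1] = '\0';
    return buf;
}

int main(void)
{
    char out[FTP_MAX_LINE];
    int code = 0;
    printf("normal: %d\n", ftp_parse_reply("220 Welcome\r\n", out, sizeof out, &code));
    printf("oversized: %d\n", ftp_parse_reply(oversized_reply(), out, sizeof out, &code));
    return 0;
}
```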
CVE-2018-25254 is a critical buffer overflow vulnerability in NICO-FTP versions 3.0.1.19–3.0.1.19, allowing remote code execution via crafted FTP commands.
You are affected if you are running NICO-FTP version 3.0.1.19 through 3.0.1.19. Check your installed version and upgrade immediately.
Upgrade to a patched version of NICO-FTP. Unfortunately, a specific fixed version is not provided; contact the vendor for updates.
While there's no confirmed widespread exploitation, the vulnerability's severity and ease of exploitation suggest a potential for active campaigns.
Consult the NICO-FTP vendor's website or security mailing lists for official advisories related to CVE-2018-25254.