Platform
windows
Component
core-ftp-sftp-server
Fixed in
2.0.1
CVE-2019-25654 describes a buffer overflow in Core FTP/SFTP Server version 2, Build 673. An over-long string submitted in the User domain field crashes the service, producing a denial-of-service condition. No active exploitation is currently known, but the trigger is trivial, so the update should not be deferred. A patched version is available (this page lists 2.0.1 as the fixed version).
The primary impact of CVE-2019-25654 is denial of service (DoS). An attacker who submits a string longer than the field's storage to the User domain field during server configuration triggers a crash of the Core FTP/SFTP Server service. The crash takes the FTP/SFTP service offline, disrupting file transfers and any business process that depends on them. The trigger itself requires nothing more than a long string, but note the precondition the page's own description implies: the field is populated during configuration, so the attacker needs access to that configuration interface, not merely a network connection to the FTP port. The flaw is not reported to yield data exfiltration or remote code execution; its consequence is service disruption.
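The following is an added illustration of the bug class described above, not code from Core FTP/SFTP Server or its vendor: a fixed-size buffer for the User domain value filled by an unbounded copy, beside a hardened version that validates the length before touching the buffer and rejects over-long input without truncating it. The struct layout, function names and the 64-byte field size are assumptions chosen for the demonstration; the real product's internals are not known from this page.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed field size for the demonstration; the product's real limit is unknown. */
#define DOMAIN_MAX 64

struct user_record {
    char name[32];
    char domain[DOMAIN_MAX];   /* fixed-size storage for the "User domain" value */
    int  enabled;              /* sits right after the buffer, so an overrun clobbers it */
};

/* Vulnerable pattern: copies whatever the configuration dialog submitted with
 * no length check. A value of DOMAIN_MAX bytes or more overruns 'domain',
 * corrupts 'enabled' and whatever follows, and in a real process produces the
 * crash the CVE describes. Shown for contrast only; never call it with
 * untrusted input. */
void set_user_domain_vulnerable(struct user_record *u, const char *domain)
{
    strcpy(u->domain, domain);
}

/* Hardened pattern: find the terminator within the field's capacity before
 * copying. If none is found the value is too long; reject it and leave the
 * record untouched rather than silently truncating a security-relevant field.
 * Returns 0 on success, -1 when the value is rejected. */
int set_user_domain_safe(struct user_record *u, const char *domain)
{
    const char *end = memchr(domain, '\0', DOMAIN_MAX);
    if (end == NULL)
        return -1;                       /* no room for value plus terminator */
    size_t len = (size_t)(end - domain); /* len <= DOMAIN_MAX - 1 here */
    memcpy(u->domain, domain, len + 1);  /* includes the terminator */
    return 0;
}

/* Builds a constructed test value of n 'A' characters, the kind of input a
 * post-upgrade check would submit to the field. Caller frees. */
char *make_long_domain(size_t n)
{
    char *s = malloc(n + 1);
    if (s == NULL)
        return NULL;
    memset(s, 'A', n);
    s[n] = '\0';
    return s;
}

int main(void)
{
    struct user_record u = { "alice", "", 1 };
    char *big = make_long_domain(4096);
    if (big == NULL)
        return 1;

    printf("12-byte value: %s\n",
           set_user_domain_safe(&u, "corp.example") == 0 ? "accepted" : "rejected");
    printf("4096-byte value: %s (enabled still %d, domain still %s)\n",
           set_user_domain_safe(&u, big) == 0 ? "accepted" : "rejected",
           u.enabled, u.domain);
    /* set_user_domain_vulnerable(&u, big) would overrun the 64-byte field here. */
    free(big);
    return 0;
}
```

The boundary matters: a value of exactly DOMAIN_MAX - 1 characters is the longest the field can hold with its terminator and is accepted; one character more has no terminator within DOMAIN_MAX bytes and is rejected. Rejecting rather than truncating is deliberate, since a silently shortened domain name would change which accounts a rule matches.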
CVE-2019-25654 was published on 2026-03-30. No public proof-of-concept (PoC) is currently listed, although the trigger is simple enough that one could be produced with little effort. The EPSS score shown on this page is 0.06% (17th percentile), which is low; the trivial trigger is offset by the need to reach the configuration interface. The vulnerability is not listed in the CISA KEV catalog.
Exploit Status
EPSS
0.06% (17th percentile)
The primary mitigation for CVE-2019-25654 is to upgrade to a patched version of Core FTP/SFTP Server. This page lists 2.0.1 as the fixed version; confirm the current release with the vendor. If upgrading is not immediately feasible, the practical workaround follows from where the flaw lives: the User domain field is part of the server's configuration, not of FTP traffic, so a WAF or proxy cannot block the trigger, and input validation on that field is something only the vendor can add. Restrict access to the configuration interface to trusted administrators in the meantime. Monitor system logs for crashes or restarts of the FTP/SFTP service. After upgrading, confirm the fix on a test instance, not in production, by submitting a long string to the User domain field and verifying that the service keeps running.
Update Core FTP/SFTP Server to a version later than 2 Build 673 (this page lists 2.0.1 as the fixed version). This fixes the buffer overflow in the User domain field.
CVE-2019-25654 is a buffer overflow in Core FTP/SFTP Server 2 Build 673 that lets an attacker crash the service by submitting a long string in the User domain field.
If you are running Core FTP/SFTP Server 2 Build 673, you are affected. Upgrade to a patched version as soon as possible.
Upgrade to a patched version of Core FTP/SFTP Server; this page lists 2.0.1 as the fixed version, and the vendor can confirm the latest release. If upgrading is not possible, restrict access to the server's configuration interface until it is, since the field is not reachable through a WAF or proxy.
No active exploitation is currently known. The trigger is trivial, but it requires access to the configuration interface, and the EPSS score on this page is low (0.06%). Monitor the FTP/SFTP service for crashes and unexplained restarts.
Refer to the vendor's website or security advisories for the latest information and updates regarding CVE-2019-25654.