top of page
perceptive_background_267k.jpg

Core FTP/SFTP Server 1.2 contains a buffer overflow vulnerability that allows attackers to crash the service by supplying an excessively long string in the User…

Published:

29 March 2026 at 22:00:00

Alert date:

30 March 2026 at 13:00:55

Source:

nvd.nist.gov

Click to open the original link from this advisory

Network Infrastructure

CVE-2019-25654 is a buffer overflow vulnerability in Core FTP/SFTP Server version 1.2 that allows attackers to crash the service by supplying an excessively long string in the User domain field. The vulnerability can be triggered by pasting a malicious payload containing 7000 bytes of data into the domain configuration, resulting in application crash and denial of service. This is a denial of service vulnerability that affects the availability of the FTP server service.

Technical details

Mitigation steps:

Affected products:

Core FTP/SFTP Server

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2019-25654
http://www.coreftp.com/
http://www.coreftp.com/server/download/archive/CoreFTPServer589.42.exe
https://www.exploit-db.com/exploits/46371
https://www.vulncheck.com/advisories/core-ftp-sftp-server-denial-of-service-via-buffer-overflow

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page