top of page
perceptive_background_267k.jpg

Core FTP/SFTP Server 1.2 contains a buffer overflow vulnerability that allows attackers to crash the service by supplying an excessively long string in the User…

Published:

29 maart 2026 om 22:00:00

Alert date:

30 maart 2026 om 13:00:55

Source:

nvd.nist.gov

Click to open the original link from this advisory

Network Infrastructure

CVE-2019-25654 is a buffer overflow vulnerability in Core FTP/SFTP Server version 1.2 that allows attackers to crash the service by supplying an excessively long string in the User domain field. The vulnerability can be triggered by pasting a malicious payload containing 7000 bytes of data into the domain configuration, resulting in application crash and denial of service. This is a denial of service vulnerability that affects the availability of the FTP server service.

Technical details

Mitigation steps:

Affected products:

Core FTP/SFTP Server

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2019-25654
http://www.coreftp.com/
http://www.coreftp.com/server/download/archive/CoreFTPServer589.42.exe
https://www.exploit-db.com/exploits/46371
https://www.vulncheck.com/advisories/core-ftp-sftp-server-denial-of-service-via-buffer-overflow

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page