Description
A buffer overflow vulnerability exists in the WinaXe FTP Client version 7.7 within the FTP banner parsing functionality, WCMDPA10.dll. When the client connects to a remote FTP server and receives an overly long '220 Server Ready' response, the vulnerable component responsible for parsing the banner overflows a stack buffer, leading to arbitrary code execution under the context of the user.
Published: 2025-07-15
Score: 8.7 High
EPSS: 56.7% High
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

A stack buffer overflow has been identified in the banner parsing logic of WCMDPA10.dll in WinaXe FTP Client 7.7. When the client receives a 220 Server Ready message that exceeds the expected length, the overflow lets an attacker overwrite the saved return address and redirect execution to attacker-supplied code. This flaw permits code execution with the privileges of the local user, potentially compromising the confidentiality, integrity and availability of the system. The weakness aligns with CWE-121.

Affected Systems

Laboratory of Fine Applications (LabF) WinaXe FTP Client, version 7.7. The vulnerability resides in the FTP banner processing module and applies to installations of this specific release that have not applied any corrective update.

Risk and Exploitability

The CVSS 4.0 base score of 8.7 rates this issue as high severity, and the EPSS score of 57% indicates a high estimated probability of exploitation. The vulnerability is not yet listed in CISA KEV, but the combination of a remote trigger and code execution means it can be leveraged by a malicious or compromised FTP server. An attacker needs control of an FTP server that the client connects to in order to send a crafted 220 banner; no local privilege escalation is required, and the resulting code runs in the user's context.

Generated by OpenCVE AI on April 22, 2026 at 22:27 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Deploy the official patch or upgrade to a newer WinaXe FTP Client release that contains the stack buffer overflow fix.
  • If an update is not available immediately, block or filter incoming FTP connections and enforce a maximum length on 220 banner responses by configuring the FTP server or using a network firewall rule.
  • As a temporary workaround, modify the FTP server configuration to return a short 220 response that does not exceed the expected length.
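Added example (not from the advisory or from OpenCVE): a Python check, usable in a pre-connection probe or a filtering proxy, that parses a server's 220 greeting per RFC 959 (single-line and multi-line forms) and flags it as oversized before a vulnerable client is handed it. The threshold MAX_BANNER_BYTES and the sample greetings are constructed assumptions, not values from the advisory.

```python
import re

# Hypothetical threshold (not from the advisory); tune per deployment.
MAX_BANNER_BYTES = 512
_REPLY_LINE = re.compile(rb"(\d{3})([ -])(.*)\r\n")

def parse_ftp_reply(data: bytes):
    """Split a raw FTP reply into (code, text lines, bytes consumed).
    RFC 959 multi-line form: 'ccc-text' opens, 'ccc text' closes, and
    intermediate lines may omit the code. Returns None if incomplete."""
    lines, code, pos = [], None, 0
    while True:
        end = data.find(b"\r\n", pos)
        if end == -1:
            return None                      # no CRLF yet: incomplete reply
        raw, pos = data[pos:end + 2], end + 2
        m = _REPLY_LINE.fullmatch(raw)
        if code is None:
            if not m:
                return None                  # first line must carry a code
            code = m.group(1)
        same_code = bool(m) and m.group(1) == code
        lines.append(m.group(3) if same_code else raw[:-2])
        if same_code and m.group(2) == b" ":
            return code, lines, pos          # 'ccc text' ends the reply

def check_greeting(data: bytes, limit: int = MAX_BANNER_BYTES) -> dict:
    """Classify a server greeting by reply code and size, so a client
    that mishandles long 220 banners is never handed one."""
    parsed = parse_ftp_reply(data)
    if parsed is None:
        return {"verdict": "malformed", "total_bytes": len(data)}
    code, lines, consumed = parsed
    longest = max(len(line) for line in lines)
    if code != b"220":
        verdict = "unexpected-code"
    elif consumed > limit or longest > limit:
        verdict = "oversized"
    else:
        verdict = "ok"
    return {"verdict": verdict, "code": code.decode(), "total_bytes": consumed,
            "longest_line": longest, "lines": len(lines)}

# Constructed sample greetings (not captured traffic).
NORMAL = b"220 ProFTPD Server ready.\r\n"
MULTILINE = b"220-Welcome\r\n220-Authorized use only\r\n220 Ready\r\n"
OVERSIZED = b"220 " + b"A" * 2000 + b"\r\n"
```

A proxy would call check_greeting on the bytes read from the server before relaying them and drop the session on anything other than "ok".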


Advisories

Source: EUVD
ID: EUVD-2025-21424
Title: A buffer overflow vulnerability exists in the WinaXe FTP Client version 7.7 within the FTP banner parsing functionality, WCMDPA10.dll. When the client connects to a remote FTP server and receives an overly long '220 Server Ready' response, the vulnerable component responsible for parsing the banner overflows a stack buffer, leading to arbitrary code execution under the context of the user.

History

Wed, 16 Jul 2025 13:45:00 +0000
  Metrics added (epss): {'score': 0.00081}

Tue, 15 Jul 2025 14:15:00 +0000
  Metrics added (ssvc): {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 15 Jul 2025 13:15:00 +0000
  Description added: A buffer overflow vulnerability exists in the WinaXe FTP Client version 7.7 within the FTP banner parsing functionality, WCMDPA10.dll. When the client connects to a remote FTP server and receives an overly long '220 Server Ready' response, the vulnerable component responsible for parsing the banner overflows a stack buffer, leading to arbitrary code execution under the context of the user.
  Title added: WinaXe 7.7 FTP Client Remote Buffer Overflow
  Weaknesses added: CWE-121
  References added: (none listed)
  Metrics added (cvssV4_0): {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-07T14:09:34.832Z

Reserved: 2025-04-15T19:15:22.560Z

Link: CVE-2025-34107

Vulnrichment

Updated: 2025-07-15T13:29:25.763Z

NVD

Status: Deferred

Published: 2025-07-15T13:15:30.387

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-34107

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-22T22:30:28Z

Weaknesses