A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component MPUT Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
History

Wed, 03 Sep 2025 15:30:00 +0000

Type Values Removed Values Added
First Time appeared Freefloat freefloat Ftp Server
CPEs cpe:2.3:a:freefloat:freefloat_ftp_server:1.0:*:*:*:*:*:*:*
Vendors & Products Freefloat freefloat Ftp Server

Mon, 19 May 2025 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sun, 18 May 2025 01:15:00 +0000

Type Values Removed Values Added
Description A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component MPUT Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Title FreeFloat FTP Server MPUT Command buffer overflow
Weaknesses CWE-119
CWE-120
References
Metrics cvssV2_0

{'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P'}

cvssV3_0

{'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L'}

cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2025-05-19T15:23:11.477Z

Reserved: 2025-05-16T15:02:38.622Z

Link: CVE-2025-4846

cve-icon Vulnrichment

Updated: 2025-05-19T15:18:37.447Z

cve-icon NVD

Status : Analyzed

Published: 2025-05-18T01:15:18.657

Modified: 2025-09-03T14:58:17.283

Link: CVE-2025-4846

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-06-24T09:44:16Z