What is the CVSS score of CVE-2019-25321?

CVE-2019-25321 has a CVSS 3.1 base score of 9.8 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.3%.

Which versions of Ftp Navigator are affected by CVE-2019-25321?

FTP Navigator 8.03 contains a critical remote code execution vulnerability (CVE-2019-25321) that allows attackers to gain complete system control without authentication.

Is there a public PoC exploit available for CVE-2019-25321?

Yes, a public proof-of-concept exploit is available for CVE-2019-25321. Prioritise patching immediately. EPSS: 0.3%.

How to fix or mitigate CVE-2019-25321?

Within 24 hours: Identify all systems running FTP Navigator 8.03 and assess network exposure; disable or isolate affected instances if possible. Within 7 days: Evaluate migration to patched versions or alternative FTP solutions; implement network segmentation to restrict access to FTP Navigator systems. Within 30 days: Complete replacement or upgrade of FTP Navigator; verify no unauthorized access occurred through log analysis.

Ftp Navigator CVE-2019-25321

CRITICAL

Stack-based Buffer Overflow (CWE-121)

2026-02-12 disclosure@vulncheck.com

RCE Buffer Overflow Stack Overflow Ftp Navigator

9.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:02 vuln.today

PoC Detected

Mar 03, 2026 - 14:48 vuln.today

Public exploit code

CVE Published

Feb 12, 2026 - 23:16 nvd

CRITICAL 9.8

DescriptionNVD

FTP Navigator 8.03 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload that triggers a buffer overflow when pasted into the Custom Command textbox, enabling remote code execution and launching the calculator as proof of concept.

AnalysisAI

Stack overflow in FTP Navigator 8.03 via SEH overwrite. PoC available.

Technical ContextAI

CWE-121 SEH overwrite in FTP client.

RemediationAI

Replace with maintained FTP client.

CVE-2019-25321 vulnerability details – vuln.today

Back

Ftp Navigator CVE-2019-25321

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code