CVSS Vector (NVD)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Description (NVD)
A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. This issue affects some unknown processing of the component RESTART Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Analysis (AI)
Critical buffer overflow vulnerability in the RESTART Command Handler of FreeFloat FTP Server 1.0 that allows unauthenticated remote attackers to cause denial of service and potentially achieve information disclosure or integrity compromise. The vulnerability is classified as critical by the vendor, has a disclosed proof-of-concept, and poses immediate risk to exposed FTP servers; however, the CVSS 7.3 score reflects moderate actual impact (low confidentiality, integrity, and availability) rather than critical severity.
Technical Context (AI)
FreeFloat FTP Server is a Windows-based FTP daemon that implements the RFC 959 FTP protocol. The vulnerability exists in the RESTART (REST) command handler, which is responsible for setting the restart/resume point for file transfers. The root cause is CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), a classic stack or heap buffer overflow. When a malformed REST command with an oversized argument is sent to the FTP server, the handler fails to validate the input length before copying the data into a fixed-size buffer. Since FTP RESTART commands are part of the core protocol and require no authentication (RFC 959 specifies REST as a non-authenticated command), any network-accessible FTP server is vulnerable. The affected CPE would be: cpe:2.3:a:freefloat:freefloat_ftp_server:1.0:*:*:*:*:*:*:* (exact CPE not provided in source but inferred from description). The buffer overflow occurs in memory space controlled by the FTP service process, potentially enabling code execution or crash-based DoS.
Remediation (AI)
PRIMARY: Upgrade to a patched version of FreeFloat FTP Server if one is available from the vendor (the vendor advisory must be consulted; none is provided in the source).

SECONDARY (if no patch exists):
(1) Disable the FTP service entirely and migrate to SFTP/SSH File Transfer (recommended);
(2) Restrict FTP port access via firewall to trusted internal networks only;
(3) Run the FTP service under a least-privilege account to limit code execution impact;
(4) Monitor FTP logs for suspicious REST commands (e.g., unusually long arguments);
(5) Deploy intrusion detection signatures to alert on malformed RESTART commands;
(6) Consider WAF/IPS rules to drop REST commands with payloads exceeding normal size limits (typically <10 bytes for numeric arguments).

PATCH STATUS: Unknown; the organization must contact the FreeFloat vendor directly. Given the age of FreeFloat 1.0, the vendor may have ceased support; in this case, migration to modern FTP/SFTP alternatives is mandatory.
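Item (4) above, as an added example (not code from the advisory or from FreeFloat): a Python filter that flags REST commands whose argument is non-numeric or longer than the 10-byte rule of thumb from item (6). The log layout, function names and sample lines are assumptions constructed for illustration.

```python
import re

# Rule of thumb from the remediation text: numeric REST arguments are short.
MAX_REST_ARG_LEN = 10

# Assumed (constructed) log layout: "<timestamp> <client-ip> <raw FTP command line>"
LOG_LINE = re.compile(r"^(?P<ts>\S+)\s+(?P<src>\S+)\s+(?P<cmd>.*)$")


def check_rest(command_line, max_len=MAX_REST_ARG_LEN):
    """Return a reason string if command_line is a suspicious REST, else None."""
    verb, _, arg = command_line.rstrip("\r\n").partition(" ")
    if verb.upper() != "REST":  # FTP verbs are case-insensitive
        return None
    if len(arg) > max_len:
        return f"oversized argument (length {len(arg)})"
    if not (arg.isascii() and arg.isdigit()):  # also catches an empty argument
        return "non-numeric argument"
    return None


def scan(lines, max_len=MAX_REST_ARG_LEN):
    """Return (timestamp, client, reason) tuples for suspicious REST commands."""
    alerts = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # line does not follow the assumed layout
        reason = check_rest(m["cmd"], max_len)
        if reason:
            alerts.append((m["ts"], m["src"], reason))
    return alerts


# Constructed sample input, not taken from a real server.
SAMPLE = [
    "2025-06-01T10:00:01Z 192.0.2.10 USER anonymous",
    "2025-06-01T10:00:02Z 192.0.2.10 REST 1048576",
    "2025-06-01T10:00:03Z 192.0.2.10 RETR backup.zip",
    "2025-06-01T10:05:00Z 198.51.100.7 rest " + "A" * 600,
    "2025-06-01T10:06:00Z 198.51.100.7 REST 12ab",
]

if __name__ == "__main__":
    for alert in scan(SAMPLE):
        print(alert)
```

The same two conditions (argument length and digits-only) translate directly into an IDS/IPS signature on the FTP control channel.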
EUVD-2025-17004