CVE-2019-25321

HIGH EPSS 47.3%
Published Feb 12, 20264mo ago · Modified Mar 3, 20264mo ago
8.4 CVSS 4.0
High
Find Similar
Published Feb 12, 2026 4mo ago
Last Modified Mar 3, 2026 4mo ago

Description

FTP Navigator 8.03 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload that triggers a buffer overflow when pasted into the Custom Command textbox, enabling remote code execution and launching the calculator as proof of concept.

CVSS Details

Base Score
8.4
Exploitability
Impact
Vector string
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Local
Attack Complexity Low
Privileges Required None
User Interaction A
Scope X

Threat Intelligence

EPSS Exploit Probability
47.3% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-121

Affected Products 1

VendorProductVersionRange
internet-softftp_navigator* ≤8.03

References 4

  • internet-soft.com http://www.internet-soft.com/
    Product
  • exploit-db.com https://www.exploit-db.com/exploits/47794
    ExploitVDB Entry
  • exploit-db.com https://www.exploit-db.com/exploits/47812
    ExploitThird Party AdvisoryVDB Entry
  • vulncheck.com https://www.vulncheck.com/advisories/ftp-navigator-stack-overflow-seh
    Third Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.