Description
Arcane Software’s Vermillion FTP Daemon (vftpd) versions up to and including 1.31 contains a memory corruption vulnerability triggered by a malformed FTP PORT command. The flaw arises from an out-of-bounds array access during input parsing, allowing an attacker to manipulate stack memory and potentially execute arbitrary code. Exploitation requires direct access to the FTP service and is constrained by a single execution attempt if the daemon is installed as a Windows service.
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by Dz_attacker · pythonremotewindows
https://www.exploit-db.com/exploits/11293
metasploit
WORKING POC
GREAT
by jduck · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/ftp/vermillion_ftpd_port.rb
References (7)
Scores
CVSS v4
9.3
EPSS
0.4956
EPSS Percentile
97.8%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
total
Details
CWE
CWE-704
CWE-787
Status
published
Products (1)
Arcane Software/Vermillion FTP Daemon
< 1.31
Published
Aug 21, 2025
Tracked Since
Feb 18, 2026