CVE-2012-10023

CRITICAL

FreeFloat FTP Server 1.0.0 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2012-10023. PoCs published by D35m0nd142, 0v3r, including Metasploit module exploits/windows/ftp/freefloatftp_user.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in FreeFloat FTP Server via the USER command. It sends a crafted payload with NOP sleds and shellcode to achieve remote code execution, spawning a reverse shell on port 4444.

Description

A stack-based buffer overflow vulnerability exists in FreeFloat FTP Server version 1.0.0. The server fails to properly validate input passed to the USER command, allowing remote attackers to overwrite memory and potentially execute arbitrary code. The flaw is triggered by sending an overly long username string, which overflows the buffer allocated for user authentication.

Exploits (3)

exploitdb WORKING POC VERIFIED
by D35m0nd142 · pythonremotewindows
https://www.exploit-db.com/exploits/23243

This exploit targets a buffer overflow vulnerability in FreeFloat FTP Server via the USER command. It sends a crafted payload with NOP sleds and shellcode to achieve remote code execution, spawning a reverse shell on port 4444.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: FreeFloat FTP Server (version unspecified)
No auth needed
Prerequisites: Network access to the target FTP server on port 21 · Target system vulnerable to the buffer overflow
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by 0v3r · pythonremotewindows
https://www.exploit-db.com/exploits/15689

This exploit targets a buffer overflow vulnerability in Freefloat FTP Server by sending a maliciously crafted USER command with a bind shell payload. The exploit overwrites the EIP with a JMP ESP address to redirect execution to the shellcode.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Freefloat FTP Server (version unspecified)
No auth needed
Prerequisites: Network access to the target FTP server · Target running Freefloat FTP Server on Windows XP SP3 EN
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC NORMAL
by D35m0nd142 · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/ftp/freefloatftp_user.rb

This Metasploit module exploits a stack-based buffer overflow in FreeFloat FTP Server via a maliciously crafted 'USER' command. It leverages a known return address in mscvrt.dll to achieve remote code execution on Windows XP SP3.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: FreeFloat FTP Server
No auth needed
Prerequisites: Network access to the target FTP server · Target running FreeFloat FTP Server on Windows XP SP3
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7

Scores

CVSS v3 9.8
EPSS 0.8047
EPSS Percentile 99.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE
CWE-121
Status published
Products (2)
freefloat/freefloat_ftp_server 1.0
FreeFloat/FTP Server
Published Aug 05, 2025
Tracked Since Feb 18, 2026