CVE-2012-10030

CRITICAL

FreeFloat FTP Server - Unauthenticated RCE

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2012-10030. PoCs published by Metasploit, sinn3r, juan vazquez, including Metasploit module exploits/windows/ftp/freefloatftp_wbem.

AI-analyzed exploit summary This Metasploit module exploits FreeFloat FTP Server by leveraging unauthenticated access and arbitrary file upload to achieve remote code execution via WMI. It uploads a malicious executable and a MOF file to trigger payload execution.

Description

FreeFloat FTP Server contains multiple critical design flaws that allow unauthenticated remote attackers to upload arbitrary files to sensitive system directories. The server accepts empty credentials, defaults user access to the root of the C:\ drive, and imposes no restrictions on file type or destination path. These conditions enable attackers to upload executable payloads and .mof files to locations such as system32 and wbem\mof, where Windows Management Instrumentation (WMI) automatically processes and executes them. This results in remote code execution with SYSTEM-level privileges, without requiring user interaction.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/23226

View Code ZIP pw:eip

This Metasploit module exploits FreeFloat FTP Server by leveraging unauthenticated access and arbitrary file upload to achieve remote code execution via WMI. It uploads a malicious executable and a MOF file to trigger payload execution.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: FreeFloat FTP Server

No auth needed

Prerequisites: Network access to the FTP server · WMI service running on the target

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1047 - Windows Management Instrumentation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

by sinn3r, juan vazquez · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/ftp/freefloatftp_wbem.rb

View Code ZIP pw:eip

This Metasploit module exploits an arbitrary file upload vulnerability in FreeFloat FTP Server by leveraging anonymous authentication and unrestricted file system access to upload a malicious executable and a MOF file, which is then executed via WMI.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: FreeFloat FTP Server

No auth needed

Prerequisites: Network access to the FTP server · WMI service running on the target

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1047 - Windows Management Instrumentation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Exploit exploit

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/freefloatftp_wbem.rb

Exploit exploit

https://www.exploit-db.com/exploits/23226

Third Party Advisory third-party-advisory

https://www.fortiguard.com/encyclopedia/ips/34209/freefloat-ftp-server-arbitrary-file-upload

Product product

https://archive.org/details/tucows_367516_Freefloat_FTP_Server

Third Party Advisory third-party-advisory

https://www.vulncheck.com/advisories/freefloat-ftp-server-arbitrary-file-upload

Scores

CVSS v3 9.8

EPSS 0.7256

EPSS Percentile 98.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-732 CWE-306 CWE-434

Status published

Products (2)

freefloat/freefloat_ftp_server 1.0

FreeFloat/FTP Server

Published Aug 05, 2025

Tracked Since Feb 18, 2026