CVE-2012-10035

CRITICAL

Turbo FTP Server 1.30.823 and 1.30.826 - Buffer Overflow


Exploitation Summary

EIP tracks 2 public exploits for CVE-2012-10035. PoCs published by Metasploit, Zhao Liang, Lincoln, corelanc0d3r, thelightcosine, including Metasploit module exploits/windows/ftp/turboftp_port.

AI-analyzed exploit summary: This Metasploit module exploits a buffer overflow in Turbo FTP Server's PORT command to achieve remote code execution with SYSTEM privileges. It uses ROP chains and an egghunter to deploy the payload.

Description

Turbo FTP Server versions 1.30.823 and 1.30.826 contain a buffer overflow vulnerability in the handling of the PORT command. By sending a specially crafted payload, an unauthenticated remote attacker can overwrite memory structures and execute arbitrary code with SYSTEM privileges.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/22161

This Metasploit module exploits a buffer overflow in Turbo FTP Server's PORT command to achieve remote code execution with SYSTEM privileges. It uses ROP chains and an egghunter to deploy the payload.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Turbo FTP Server 1.30.823 & 1.30.826
No auth needed
Prerequisites: Network access to the Turbo FTP Server · PORT command enabled
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC GREAT
by Zhao Liang, Lincoln, corelanc0d3r, thelightcosine · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/ftp/turboftp_port.rb

This Metasploit module exploits a buffer overflow in Turbo FTP Server's PORT command (CVE-2012-10035) to achieve remote code execution as SYSTEM. It uses ROP chains and an egghunter to bypass memory protections and locate the payload.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Turbo FTP Server 1.30.823 & 1.30.826
No auth needed
Prerequisites: Network access to the FTP server · FTP service running on target
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v4 10.0
EPSS 0.0098
EPSS Percentile 57.4%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: yes
Technical Impact: total

Details

CWE: CWE-120
Status: published
Products (2):
TurboSoft, Inc./TurboFTP Server 1.30.823
TurboSoft, Inc./TurboFTP Server 1.30.826
Published: Aug 05, 2025
Tracked Since: Feb 18, 2026