CVE-2017-14742

CRITICAL

LabF nfsAxe FTP client 3.7 - Remote Code Execution via Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-14742. PoCs published by wetw0rk.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in LabF nfsAxe 3.7 FTP client, bypassing DEP via a ROP chain to achieve remote code execution. It sends a crafted payload to overwrite the SEH record and execute shellcode.

Description

Buffer overflow in LabF nfsAxe FTP client 3.7 allows an attacker to execute code remotely.

Exploits (1)

exploitdb WORKING POC

by wetw0rk · pythonremotewindows

https://www.exploit-db.com/exploits/43236

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in LabF nfsAxe 3.7 FTP client, bypassing DEP via a ROP chain to achieve remote code execution. It sends a crafted payload to overwrite the SEH record and execute shellcode.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: LabF nfsAxe 3.7

No auth needed

Prerequisites: Network access to the target · Target must connect to the malicious FTP server

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/43236/

Scores

CVSS v3 9.8

EPSS 0.0280

EPSS Percentile 84.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-119

Status published

Products (1)

labf/nfsaxe 3.7

Published Oct 25, 2019

Tracked Since Feb 18, 2026