CVE-2018-25254

CRITICAL

NICO-FTP 3.0.1.19 Buffer Overflow SEH

Title source: cna
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-25254. PoCs published by Abdullah Alıç.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow vulnerability in NICO-FTP 3.0.1.19 by sending a crafted FTP response containing an egghunter and shellcode, leading to remote code execution via SEH overwrite.

Description

NICO-FTP 3.0.1.19 contains a structured exception handler buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending crafted FTP commands. Attackers can connect to the FTP service and send oversized data in response handlers to overwrite SEH pointers and redirect execution to injected shellcode.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Abdullah Alıç · pythonlocalwindows_x86
https://www.exploit-db.com/exploits/45442

This exploit demonstrates a buffer overflow vulnerability in NICO-FTP 3.0.1.19 by sending a crafted FTP response containing an egghunter and shellcode, leading to remote code execution via SEH overwrite.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: NICO-FTP 3.0.1.19
No auth needed
Prerequisites: Network access to the target FTP client · Target must connect to the malicious FTP server
devstral-2 · analyzed Apr 07, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit exploit
ExploitDB-45442
https://www.exploit-db.com/exploits/45442
Third Party Advisory third-party-advisory
VulnCheck Advisory: NICO-FTP 3.0.1.19 Buffer Overflow SEH
https://www.vulncheck.com/advisories/nico-ftp-buffer-overflow-seh

Scores

CVSS v3 9.8
EPSS 0.0091
EPSS Percentile 55.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-787
Status published
Products (2)
nico-ftp/NICO-FTP 3.0.1.19
nico-ftp_project/nico-ftp < 3.0.1.19
Published Apr 04, 2026
Tracked Since Apr 04, 2026