CVE-2023-39063

HIGH

RaidenFTPD 2.4.4005 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-39063. PoCs published by AndreGNogueira.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2023-39063, a SEH-based buffer overflow in RaidenFTPD v2.4.4005. The exploit generates a malicious payload that triggers arbitrary code execution (calc.exe) when pasted into the 'Server name' field during the setup wizard.

Description

Buffer Overflow vulnerability in RaidenFTPD 2.4.4005 allows a local attacker to execute arbitrary code via the Server name field of the Step by step setup wizard.

Exploits (1)

nomisec WORKING POC 5 stars

by AndreGNogueira · poc

https://github.com/AndreGNogueira/CVE-2023-39063

View Code ZIP pw:eip

This repository contains a functional exploit for CVE-2023-39063, a SEH-based buffer overflow in RaidenFTPD v2.4.4005. The exploit generates a malicious payload that triggers arbitrary code execution (calc.exe) when pasted into the 'Server name' field during the setup wizard.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: RaidenFTPD v2.4.4005

No auth needed

Prerequisites: RaidenFTPD v2.4.4005 installed · Access to the step-by-step setup wizard

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory

https://github.com/AndreGNogueira/CVE-2023-39063

Scores

CVSS v3 7.8

EPSS 0.0043

EPSS Percentile 34.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-120

Status published

Products (1)

raidenftpd/raidenftpd 2.4.4050

Published Sep 11, 2023

Tracked Since Feb 18, 2026