EIP-2026-115305

PRE-CVE

FreshFTP 5.52 - '.qfl' Crash (PoC)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115305. PoCs published by Un_N0n.

AI-analyzed exploit summary This is a writeup describing a local Denial of Service (DoS) vulnerability in FreshFTP 5.52. The exploit involves creating a malformed .QFL file with an oversized payload, causing high CPU and RAM usage when parsed by the application.

Description

FreshFTP 5.52 - '.qfl' Crash (PoC)

Exploits (1)

exploitdb WRITEUP

by Un_N0n · textdoswindows

https://www.exploit-db.com/exploits/38317

View Code ZIP pw:eip

This is a writeup describing a local Denial of Service (DoS) vulnerability in FreshFTP 5.52. The exploit involves creating a malformed .QFL file with an oversized payload, causing high CPU and RAM usage when parsed by the application.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: FreshFTP 5.52

No auth needed

Prerequisites: Access to the system where FreshFTP is installed · Ability to create a malformed .QFL file in the FreshFTP directory

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026