CVE-2010-20113
Published: 21 August 2025
Summary
CVE-2010-20113 is a critical-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Easyftp Server Project Easyftp Server. Its CVSS base score is 9.8 (Critical).
Operationally, ranked in the top 1.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly mitigates the CVE by requiring identification, reporting, and patching of the stack-based buffer overflow in the HTTP interface.
Requires validation of the path parameter length in GET requests to list.html to prevent the buffer overflow exploitation.
Implements memory protections such as stack canaries, ASLR, or DEP to block control flow corruption from the stack overflow.
NVD Description
EasyFTP Server 1.7.0.11 and earlier contains a stack-based buffer overflow vulnerability in its HTTP interface. When processing a GET request to list.html, the server fails to properly validate the length of the path parameter. Supplying an excessively long value causes…
more
a buffer overflow on the stack, potentially corrupting control flow structures. The vulnerability is exposed through the embedded web server and does not require authentication due to default anonymous access. The issue was resolved in version 1.7.0.12, after which the product was renamed to UplusFtp.
Deeper analysisAI
EasyFTP Server versions 1.7.0.11 and earlier suffer from a stack-based buffer overflow vulnerability (CWE-121) in the HTTP interface of its embedded web server. The issue arises when processing a GET request to list.html, where the server does not properly validate the length of the path parameter. An excessively long value triggers the overflow, corrupting stack-based control flow structures. The vulnerability carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Remote attackers can exploit this vulnerability over the network without authentication, leveraging the server's default anonymous access. By sending a specially crafted GET request with an oversized path parameter to list.html, an attacker can overwrite stack data, potentially leading to arbitrary code execution, denial of service, or other impacts with high confidentiality, integrity, and availability consequences.
The vulnerability was addressed in EasyFTP Server version 1.7.0.12, after which the product was renamed to UplusFtp. Advisories and references, including those from Vulncheck, Exploit-DB (exploit 11500), and a Metasploit Framework module, document proof-of-concept exploits confirming remote code execution potential.
Public proof-of-concept exploits exist in Metasploit and Exploit-DB, indicating practical exploitability despite the software's age.
Details
- CWE(s)