CVE-2010-20121

CriticalPublic PoC

Published: 21 August 2025

Published

21 August 2025

Modified

10 September 2025

KEV Added

—

Patch

—

CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.6864 98.6th percentile

Risk Priority 61 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2010-20121 is a critical-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Easyftp Server Project Easyftp Server. Its CVSS base score is 9.8 (Critical).

Operationally, ranked in the top 1.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Requires timely patching of the stack-based buffer overflow in EasyFTP Server's CWD parser, directly eliminating the vulnerability as fixed in version 1.7.0.12.

SI-10 Information Input Validation good match

prevent

Mandates validation of FTP command input lengths, such as CWD strings, to block buffer overflows from malformed inputs.

SI-16 Memory Protection good match

prevent

Implements memory protections like stack canaries, DEP, and ASLR to prevent successful exploitation of stack-based buffer overflows leading to RCE.

NVD Description

EasyFTP Server versions up to 1.7.0.11 contain a stack-based buffer overflow vulnerability in the FTP command parser. When processing the CWD (Change Working Directory) command, the server fails to properly validate the length of the input string, allowing attackers to…

overwrite memory on the stack. This flaw enables remote code execution without authentication, as EasyFTP allows anonymous access by default. The vulnerability was resolved in version 1.7.0.12, after which the product was renamed “UplusFtp.”

Deeper analysisAI

EasyFTP Server versions up to 1.7.0.11 contain a stack-based buffer overflow vulnerability (CWE-121) in the FTP command parser. The flaw arises when processing the CWD (Change Working Directory) command, as the server fails to properly validate the length of the input string, allowing attackers to overwrite memory on the stack.

Remote attackers can exploit this vulnerability without authentication, leveraging the server's default allowance of anonymous access, to achieve remote code execution. The high CVSS score of 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) underscores its critical impact, with low complexity and no privileges required.

The vulnerability was resolved in version 1.7.0.12, after which the product was renamed UplusFtp. References, including a Bugtraq mailing list post and Exploit-DB entries, detail the issue and provide proof-of-concept exploits, while a Metasploit module (easyftp_cwd_fixret) demonstrates automated exploitation.

Public exploits and a Metasploit module have been available since 2010, highlighting ongoing risk to unpatched legacy deployments of this FTP server.