CVE-2012-10023
Published: 05 August 2025
Summary
CVE-2012-10023 is a critical-severity Stack-based Buffer Overflow (CWE-121) vulnerability in FreeFloat FTP Server. Its CVSS base score is 9.8 (Critical).
Operationally, it is ranked in the top 1.3% of CVEs by exploit likelihood, it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Directly requires validation of inputs such as the overly long USER command string to prevent stack-based buffer overflows.
Mandates identification, prioritization, and remediation of flaws like this buffer overflow vulnerability through patching or upgrades.
Implements memory protections such as stack canaries, ASLR, and DEP to prevent exploitation of the buffer overflow for arbitrary code execution.
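The input-validation control applied to the USER argument, as an added C example (not FreeFloat's code and not taken from the CVE record). The function name `handle_user_command`, the 64-byte `MAX_USER_LEN` limit and the printable-ASCII policy are assumptions of this example; the page does not state the real buffer size.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Assumed limit for this example; the page does not give the real buffer size. */
#define MAX_USER_LEN 64

/* FTP reply codes (RFC 959) returned by this example. */
enum { FTP_NEED_PASSWORD = 331, FTP_SYNTAX_ERROR = 501 };

/*
 * Validate one received command line of `len` bytes. If it is a well-formed
 * USER command, copy the username into `out` (capacity `outsz`) and return 331.
 * The length is checked BEFORE any copy, so an oversized argument is rejected
 * instead of being written past the destination buffer.
 */
int handle_user_command(const char *line, size_t len, char *out, size_t outsz)
{
    static const char verb[] = "USER ";
    const size_t verb_len = sizeof verb - 1;

    if (line == NULL || out == NULL || outsz == 0)
        return FTP_SYNTAX_ERROR;
    out[0] = '\0';

    /* Strip the CRLF (or bare LF) line terminator. */
    while (len > 0 && (line[len - 1] == '\n' || line[len - 1] == '\r'))
        len--;

    /* Require the verb (case-insensitive) plus a non-empty argument. */
    if (len <= verb_len)
        return FTP_SYNTAX_ERROR;
    for (size_t i = 0; i < verb_len; i++)
        if (toupper((unsigned char)line[i]) != verb[i])
            return FTP_SYNTAX_ERROR;

    const unsigned char *arg = (const unsigned char *)line + verb_len;
    size_t arg_len = len - verb_len;

    /* Reject anything that would not fit, including the terminating NUL. */
    if (arg_len > MAX_USER_LEN || arg_len >= outsz)
        return FTP_SYNTAX_ERROR;

    /* Example policy: printable, non-space ASCII only (also rejects NUL bytes). */
    for (size_t i = 0; i < arg_len; i++)
        if (arg[i] < 0x21 || arg[i] > 0x7e)
            return FTP_SYNTAX_ERROR;

    memcpy(out, arg, arg_len);
    out[arg_len] = '\0';
    return FTP_NEED_PASSWORD;
}
```

The caller passes the byte count actually read from the socket as `len`, so the check does not depend on the input being NUL-terminated.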
NVD Description
A stack-based buffer overflow vulnerability exists in FreeFloat FTP Server version 1.0.0. The server fails to properly validate input passed to the USER command, allowing remote attackers to overwrite memory and potentially execute arbitrary code. The flaw is triggered by sending an overly long username string, which overflows the buffer allocated for user authentication.
Deeper analysis
CVE-2012-10023 is a stack-based buffer overflow vulnerability (CWE-121) in FreeFloat FTP Server version 1.0.0. The server fails to properly validate input passed to the USER command, allowing an overly long username string to overflow the buffer allocated for user authentication. This memory corruption enables remote attackers to overwrite adjacent memory regions and potentially execute arbitrary code.
The vulnerability has a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating it is exploitable over the network with low complexity and no privileges or user interaction required. Remote, unauthenticated attackers can trigger the flaw by connecting to the FTP server and sending a specially crafted USER command, achieving high confidentiality, integrity, and availability impacts through arbitrary code execution on the server host.
Advisories and resources referenced in the CVE include a Secunia advisory (archived), the vendor's archived site, and exploit details from sites like Exploit-DB (exploit 15689) and a Metasploit module (windows/ftp/freefloatftp_user.rb). These provide proof-of-concept exploits, but no specific patch details are noted in the CVE information.
Details
- CWE(s)