CVE-2019-25611
Published: 22 March 2026
Summary
CVE-2019-25611 is a high-severity Out-of-bounds Write (CWE-787) vulnerability. Its CVSS base score is 8.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 4.5th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2019-25611 is a buffer overflow vulnerability (CWE-787) in the parseconf_load_setting function of MiniFtp. The function processes configuration files, and oversized values exceeding 128 bytes trigger a stack buffer overflow.
Local attackers can exploit this vulnerability with low complexity and no privileges required (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, score 8.4). By crafting a malicious miniftpd.conf file with oversized configuration values, attackers overflow stack buffers and overwrite the return address, enabling arbitrary code execution with root privileges.
The advisories and references (the VulnCheck advisory on the parseconf_load_setting buffer overflow via configuration, Exploit-DB entry 46807 demonstrating exploitation, and the MiniFtp GitHub repository) provide further technical details, but the available information does not specify patches or mitigations.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2019-19963
Vulnerability details
MiniFtp contains a buffer overflow vulnerability in the parseconf_load_setting function that allows local attackers to execute arbitrary code by supplying oversized configuration values. Attackers can craft a miniftpd.conf file with values exceeding 128 bytes to overflow stack buffers and overwrite the return address, enabling code execution with root privileges.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Buffer overflow via malicious config file enables local arbitrary code execution for root privilege escalation.
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
Directly requires validation of configuration file inputs to prevent buffer overflows from oversized values exceeding 128 bytes in parseconf_load_setting.
Implements memory protections such as stack canaries, ASLR, and non-executable stacks to mitigate exploitation of the stack buffer overflow leading to return address overwrite.
Mandates identification, reporting, and correction of the specific buffer overflow flaw in MiniFtp, including patching or replacing the vulnerable software.
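One way to apply the input-validation control described above, shown as an added example that is not MiniFtp's code: a key=value config parser that refuses any field that would not fit a 128-byte buffer instead of copying it. The function names, the `#` comment syntax and the sample keys are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define MAX_FIELD 128 /* size from the advisory text: values over 128 bytes overflow */

enum conf_status { CONF_OK, CONF_NO_SEPARATOR, CONF_KEY_TOO_LONG, CONF_VALUE_TOO_LONG };

/* Hypothetical hardened parser (not MiniFtp code): splits "key=value" into
 * MAX_FIELD-byte buffers and rejects, rather than truncates, oversized fields. */
enum conf_status conf_parse_line(const char *line, size_t len,
                                 char key[MAX_FIELD], char value[MAX_FIELD])
{
    const char *eq = memchr(line, '=', len);
    if (eq == NULL)
        return CONF_NO_SEPARATOR;
    size_t klen = (size_t)(eq - line);
    size_t vlen = len - klen - 1;
    if (klen >= MAX_FIELD) /* >= leaves room for the terminating NUL */
        return CONF_KEY_TOO_LONG;
    if (vlen >= MAX_FIELD)
        return CONF_VALUE_TOO_LONG;
    memcpy(key, line, klen);
    key[klen] = '\0';
    memcpy(value, eq + 1, vlen);
    value[vlen] = '\0';
    return CONF_OK;
}

/* Counts lines a loader should refuse; blank lines and '#' comments
 * (an assumed comment syntax) are skipped. 0 means every field fits. */
int conf_count_rejected(const char *text)
{
    char key[MAX_FIELD], value[MAX_FIELD];
    int rejected = 0;
    while (*text != '\0') {
        size_t len = strcspn(text, "\n");
        if (len > 0 && text[0] != '#' &&
            conf_parse_line(text, len, key, value) != CONF_OK)
            rejected++;
        text += len + (text[len] == '\n');
    }
    return rejected;
}

int main(void)
{
    /* Constructed sample input; the keys are invented, not MiniFtp settings. */
    char conf[512] = "# constructed sample\nlisten_port=21\nbanner=";
    size_t used = strlen(conf);
    memset(conf + used, 'A', 200); /* 200-byte value, over the limit */
    conf[used + 200] = '\0';
    printf("rejected lines: %d\n", conf_count_rejected(conf));
    return 0;
}
```

A loader built on this would refuse to start when `conf_count_rejected` is non-zero, which complements rather than replaces the compiler and OS memory protections listed above.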