CVE-2024-57392
Published: 06 February 2025
Summary
CVE-2024-57392 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 10.5% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2024-57392 is a buffer overflow vulnerability, tracked under CWE-120, that affects ProFTPD at commit 4017eff8. The flaw resides in the FTP service and can be triggered by network input processed on the service port, producing a CVSS 3.1 base score of 7.5 with network attack vector, low complexity, and no required privileges or user interaction.
A remote attacker can send a maliciously crafted message to the ProFTPD listening port to trigger the overflow. Successful exploitation may permit arbitrary code execution or a denial-of-service condition that disrupts the FTP service.
A Debian LTS security announcement published in March 2025 addresses the issue for affected distributions, while a public repository demonstrates the reproduction steps. The associated EPSS score rose from lower values to a peak of 0.0618 on 2026-03-17 before receding to the current 0.0461, indicating a temporary increase in observed exploitation interest after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-53576
Vulnerability details
Buffer Overflow vulnerability in Proftpd commit 4017eff8 allows a remote attacker to execute arbitrary code and can cause a Denial of Service (DoS) on the FTP service by sending a maliciously crafted message to the ProFTPD service port.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Buffer overflow in public-facing ProFTPD FTP service directly enables remote exploitation for code execution or DoS via crafted network messages (T1190).
Mitigating Controls (NIST 800-53 r5)
Flaw remediation (SI-2) directly mitigates the buffer overflow by applying patches or updates to the vulnerable ProFTPD build at commit 4017eff8.
Memory protection safeguards such as ASLR and stack canaries prevent arbitrary code execution from the buffer overflow exploitation.
Information input validation checks incoming FTP messages for validity, reducing the risk of buffer overflows from maliciously crafted inputs.