CVE-2025-34107

by Fred · 15/07/2025

A buffer overflow vulnerability exists in the WinaXe FTP Client version 7.7 within the FTP banner parsing functionality, WCMDPA10.dll. When the client connects to a remote FTP server and receives an overly long ‘220 Server Ready’ response, the vulnerable component responsible for parsing the banner overflows a stack buffer, leading to arbitrary code execution under the context of the user.

More information : http://hyp3rlinx.altervista.org/advisories/WINAXE-FTP-CLIENT-REMOTE-BUFFER-OVERFLOW.txt

CVE-2025-34107

Similar

Recent Posts

Categories

CVE-2025-34107

Share this:

Similar

Recent Posts

Categories

Tags