CNNVD-202508-2549 Information
CNNVD ID
CNNVD-202508-2549
Related CVE
- CNNVD Published: 2025-08-21
Description (Chinese)
Arcane Software Vermillion FTP Daemon是新加坡Arcane Software公司的一个FTP客户端软件。 Arcane Software Vermillion FTP Daemon 1.31及之前版本存在安全漏洞,该漏洞源于处理PORT命令时存在内存损坏,可能导致执行任意代码。
Description (English)
Arcane Software Vermillion FTP Daemon is an FTP client software for Arcane Software in Singapore. There is a security loophole in Arcane Software Vermillion FTP Daemon 1.31 and earlier versions, which stems from memory damage in processing PORT orders, which may result in the enforcement of any code.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Arcane Software
Published
2025-08-21
Last Modified
2026-02-24
References
https://www.exploit-db.com/exploits/11293 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/vermillion_ftpd_port.rb https://www.vulncheck.com/advisories/vermillion-ftp-daemon-port-command-memory-corruption https://www.juniper.net/us/en/threatlabs/ips-signatures/detail.FTP:EXPLOIT:VERMILLION-PORT-OF.html https://www.broadcom.com/support/security-center/attacksignatures/detail?asid=23681 http://www.global-evolution.info/news/files/vftpd/vftpd.txt https://web.archive.org/web/20100416140657/ http://www.softsea.com/review/Vermillion-FTP-Daemon.html https://web.archive.org/web/20100213162028/ https://nvd.nist.gov/vuln/detail/CVE-2010-20115
Share on: