High severityNVD Advisory· Published Aug 20, 2025· Updated Apr 15, 2026

CVE-2010-10014

Description

Odin Secure FTP <= 4.1 is vulnerable to a stack-based buffer overflow when parsing directory listings received in response to an FTP LIST command. A malicious FTP server can send an overly long filename in the directory listing, which overflows a fixed-size stack buffer in the client and overwrites the Structured Exception Handler (SEH). This allows remote attackers to execute arbitrary code on the client system.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/odin_list_reply.rbnvd
web.archive.org/web/20111007123101/http://odinshare.com/secure-ftp-expert.htmlnvd
web.archive.org/web/20111016194057/https://www.corelan.be/index.php/2010/10/12/death-of-an-ftp-client/nvd
www.exploit-db.com/exploits/16716nvd
www.vulncheck.com/advisories/odin-secure-ftp-stack-buffer-overflow-via-list-responsenvd

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.049
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000