Unrated severityNVD Advisory· Published Mar 22, 2026· Updated Mar 23, 2026

BulletProof FTP Server 2019.0.0.50 Storage-Path Denial of Service

CVE-2019-25587

Description

BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the Storage-Path configuration parameter that allows local attackers to crash the application by supplying an excessively long string value. Attackers can enable the Override Storage-Path setting and paste a buffer of 500 bytes or more to trigger an application crash when saving the configuration.

Affected products

Cerberus/Ftp Serverllm-fuzzy
Range: = 2019.0.0.50
Bpftpserver/BulletProof FTP Serverv5
Range: 2019.0.0.50

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/46876mitreexploit
www.vulncheck.com/advisories/bulletproof-ftp-server-storage-path-denial-of-servicemitrethird-party-advisory
bpftpserver.commitreproduct
bpftpserver.com/products/bpftpserver/windows/downloadmitreproduct

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000