Unrated severityNVD Advisory· Published Mar 22, 2026· Updated Mar 24, 2026

BulletProof FTP Server 2019.0.0.50 Denial of Service via DNS Address

CVE-2019-25588

Description

BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the DNS Address field that allows local attackers to crash the application by supplying an excessively long string. Attackers can enable the DNS Address option in the Firewall settings and paste a buffer of 700 bytes to trigger a crash when the Test function is invoked.

Affected products

Cerberus/Ftp Serverllm-fuzzy
Range: =2019.0.0.50
Bpftpserver/BulletProof FTP Serverv5
Range: 2019.0.0.50

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/46875mitreexploit
www.vulncheck.com/advisories/bulletproof-ftp-server-denial-of-service-via-dns-addressmitrethird-party-advisory
bpftpserver.commitreproduct
bpftpserver.com/products/bpftpserver/windows/downloadmitreproduct

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000