VYPR
High severity7.5NVD Advisory· Published Apr 5, 2026· Updated Apr 9, 2026

CVE-2019-25686

CVE-2019-25686

Description

Core FTP 2.0 build 653 contains a denial of service vulnerability in the PBSZ command that allows unauthenticated attackers to crash the service by sending a malformed command with an oversized buffer. Attackers can send a PBSZ command with a payload exceeding 211 bytes to trigger an access violation and crash the FTP server process.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Coreftp/Coreftp2 versions
    cpe:2.3:a:coreftp:core_ftp:2.0:build_653:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:coreftp:core_ftp:2.0:build_653:*:*:*:*:*:*
    • (no CPE)range: = 2.0 build 653

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.