{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2018-25254", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-04-04T13:29:29.679Z", "datePublished": "2026-04-04T13:51:17.803Z", "dateUpdated": "2026-04-06T15:28:10.769Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-04T20:00:12.145Z"}, "datePublic": "2018-09-04T00:00:00.000Z", "title": "NICO-FTP 3.0.1.19 Buffer Overflow SEH", "descriptions": [{"lang": "en", "value": "NICO-FTP 3.0.1.19 contains a structured exception handler buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending crafted FTP commands. Attackers can connect to the FTP service and send oversized data in response handlers to overwrite SEH pointers and redirect execution to injected shellcode."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Out-of-bounds Write", "cweId": "CWE-787", "type": "CWE"}]}], "affected": [{"vendor": "nico-ftp", "product": "NICO-FTP", "versions": [{"version": "3.0.1.19", "status": "affected"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.exploit-db.com/exploits/45442", "name": "ExploitDB-45442", "tags": ["exploit"]}, {"url": "https://en.softonic.com/download/nico-ftp/windows/post-download", "name": "Product Reference", "tags": ["product"]}, {"name": "VulnCheck Advisory: NICO-FTP 3.0.1.19 Buffer Overflow SEH", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/nico-ftp-buffer-overflow-seh"}], "credits": [{"lang": "en", "value": "Abdullah Al\u0131\u00e7", "type": "finder"}], "x_generator": {"engine": "vulncheck"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-06T15:25:23.006744Z", "id": "CVE-2018-25254", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T15:28:10.769Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2018-25254", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-06T15:25:23.006744Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T15:25:24.724Z"}}], "cna": {"title": "NICO-FTP 3.0.1.19 Buffer Overflow SEH", "credits": [{"lang": "en", "type": "finder", "value": "Abdullah Al\u0131\u00e7"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "nico-ftp", "product": "NICO-FTP", "versions": [{"status": "affected", "version": "3.0.1.19"}]}], "datePublic": "2018-09-04T00:00:00.000Z", "references": [{"url": "https://www.exploit-db.com/exploits/45442", "name": "ExploitDB-45442", "tags": ["exploit"]}, {"url": "https://en.softonic.com/download/nico-ftp/windows/post-download", "name": "Product Reference", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/nico-ftp-buffer-overflow-seh", "name": "VulnCheck Advisory: NICO-FTP 3.0.1.19 Buffer Overflow SEH", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "NICO-FTP 3.0.1.19 contains a structured exception handler buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending crafted FTP commands. Attackers can connect to the FTP service and send oversized data in response handlers to overwrite SEH pointers and redirect execution to injected shellcode."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-04T20:00:12.145Z"}}}, "cveMetadata": {"cveId": "CVE-2018-25254", "state": "PUBLISHED", "dateUpdated": "2026-04-06T15:28:10.769Z", "dateReserved": "2026-04-04T13:29:29.679Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-04-04T13:51:17.803Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nico-ftp_project:nico-ftp:*:*:*:*:*:*:*:*", "matchCriteriaId": "E21A9A8B-2157-4078-9F5A-1FE4F9A11C74", "versionEndIncluding": "3.0.1.19", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "NICO-FTP 3.0.1.19 contains a structured exception handler buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending crafted FTP commands. Attackers can connect to the FTP service and send oversized data in response handlers to overwrite SEH pointers and redirect execution to injected shellcode."}], "id": "CVE-2018-25254", "lastModified": "2026-04-27T13:26:40.773", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-04-04T14:16:21.743", "references": [{"source": "disclosure@vulncheck.com", "tags": ["Product"], "url": "https://en.softonic.com/download/nico-ftp/windows/post-download"}, {"source": "disclosure@vulncheck.com", "tags": ["Exploit", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/45442"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://www.vulncheck.com/advisories/nico-ftp-buffer-overflow-seh"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.0.1.19"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "NICO-FTP", "source": "cna", "vendor": "nico-ftp"}, "product": "nico-ftp", "vendor": "nico-ftp"}], "analysis": {"en": {"generated_at": "2026-04-04T17:50:28.150191+00:00", "value": {"mitigation_remediation": ["Update NICO\u2011FTP to the latest available version that contains a patch for the SEH buffer overflow.", "If a patch is not yet available, restrict the FTP service to trusted hosts or block inbound FTP traffic from untrusted networks as a temporary measure.", "Monitor FTP logs for unusually large command payloads and apply vendor updates as soon as they are released."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The vulnerability applies to NICO\u2011FTP, specifically to version\u202f3.0.1.19. No other versions or components are identified as affected in the available CNA data.", "description_and_impact": "NICO\u2011FTP version\u202f3.0.1.19 has a structured exception handler buffer overflow that allows an attacker to execute arbitrary code by sending oversized FTP command responses. By overwriting SEH pointers and redirecting execution to injected shellcode, an attacker can gain full control of the system running the vulnerable service.", "risk_and_exploitability": "The CVSS score of 9.3 indicates critical severity. Although EPSS data is not available and the vulnerability is not listed in KEV, the flaw remains remotely exploitable. Based on the description, the attack vector is remote access via the FTP service; an attacker can connect from anywhere on the network, send crafted payloads, and achieve arbitrary code execution."}}}}, "created": "2026-04-06T20:26:57.871880+00:00", "updated": "2026-04-06T21:57:33.827865+00:00", "vendors": ["nico-ftp", "nico-ftp$PRODUCT$nico-ftp"]}