CVE-2018-25234

SmartFTP Client 9.0.2615.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Host field. Attackers can paste a buffer of 300 repeated characters into the Host connection parameter to trigger an application crash.

CVSS v3 6.2 MEDIUM

6.2^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.5 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.exploit-db.com/exploits/45759	Exploit VDB Entry
https://www.smartftp.com/en-us/	Product
https://www.smartftp.com/en-us/download	Product
https://www.vulncheck.com/advisories/smartftp-client-denial-of-service-via-host-field	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:smartftp:smartftp:*:*:*:*:*:*:*:*

History

08 Apr 2026, 16:37

Type	Values Removed	Values Added
First Time		Smartftp Smartftp smartftp
CPE		cpe:2.3:a:smartftp:smartftp::::::::
References	~~() https://www.exploit-db.com/exploits/45759 -~~	() https://www.exploit-db.com/exploits/45759 - Exploit, VDB Entry
References	~~() https://www.smartftp.com/en-us/ -~~	() https://www.smartftp.com/en-us/ - Product
References	~~() https://www.smartftp.com/en-us/download -~~	() https://www.smartftp.com/en-us/download - Product
References	~~() https://www.vulncheck.com/advisories/smartftp-client-denial-of-service-via-host-field -~~	() https://www.vulncheck.com/advisories/smartftp-client-denial-of-service-via-host-field - Third Party Advisory
Summary		(es) SmartFTP Cliente 9.0.2615.0 contiene una vulnerabilidad de denegación de servicio que permite a atacantes locales bloquear la aplicación al proporcionar una cadena excesivamente larga en el campo Host. Los atacantes pueden pegar un búfer de 300 caracteres repetidos en el parámetro de conexión Host para provocar un bloqueo de la aplicación.

30 Mar 2026, 12:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-30 12:16

Updated : 2026-04-08 16:37

NVD link : CVE-2018-25234

Mitre link : CVE-2018-25234

CVE.ORG link : CVE-2018-25234

JSON object : View

Products Affected

smartftp

smartftp

CWE

CWE-466

Return of Pointer Value Outside of Expected Range

{"id": "CVE-2018-25234", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.5}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}], "cvssMetricV40": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-03-30T12:16:17.510", "references": [{"url": "https://www.exploit-db.com/exploits/45759", "tags": ["Exploit", "VDB Entry"], "source": "disclosure@vulncheck.com"}, {"url": "https://www.smartftp.com/en-us/", "tags": ["Product"], "source": "disclosure@vulncheck.com"}, {"url": "https://www.smartftp.com/en-us/download", "tags": ["Product"], "source": "disclosure@vulncheck.com"}, {"url": "https://www.vulncheck.com/advisories/smartftp-client-denial-of-service-via-host-field", "tags": ["Third Party Advisory"], "source": "disclosure@vulncheck.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "disclosure@vulncheck.com", "description": [{"lang": "en", "value": "CWE-466"}]}], "descriptions": [{"lang": "en", "value": "SmartFTP Client 9.0.2615.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Host field. Attackers can paste a buffer of 300 repeated characters into the Host connection parameter to trigger an application crash."}, {"lang": "es", "value": "SmartFTP Cliente 9.0.2615.0 contiene una vulnerabilidad de denegaci\u00f3n de servicio que permite a atacantes locales bloquear la aplicaci\u00f3n al proporcionar una cadena excesivamente larga en el campo Host. Los atacantes pueden pegar un b\u00fafer de 300 caracteres repetidos en el par\u00e1metro de conexi\u00f3n Host para provocar un bloqueo de la aplicaci\u00f3n."}], "lastModified": "2026-04-08T16:37:56.523", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:smartftp:smartftp:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FCBEDBBB-E8AF-4D4D-8F3F-26B31BAB5ABA", "versionEndIncluding": "9.0.2615.0"}], "operator": "OR"}]}], "sourceIdentifier": "disclosure@vulncheck.com"}