CVE-2018-25254

NICO · FTP

NICO-FTP 3.0.1.19 contains a structured exception handler (SEH) buffer overflow vulnerability, allowing remote unauthenticated attackers to execute arbitrary code via crafted FTP commands.

Executive summary

A critical buffer overflow vulnerability in NICO-FTP 3.0.1.19 poses a severe risk of remote code execution for unauthenticated attackers.

Vulnerability

This is a stack-based buffer overflow affecting the structured exception handler (SEH) of the FTP service. By sending oversized data to response handlers, an unauthenticated remote attacker can overwrite SEH pointers to redirect program execution to malicious shellcode.

Business impact

With a CVSS score of 9.8, this vulnerability represents a critical risk to organizational infrastructure. Successful exploitation allows for complete system compromise, enabling attackers to install backdoors, exfiltrate sensitive data, or pivot into the internal network, leading to significant operational downtime and potential data breaches.

Remediation

Immediate Action: Upgrade to the latest version of NICO-FTP or, if no fixed version is available, disable the FTP service until the vendor provides a security patch.

Proactive Monitoring: Inspect network traffic for anomalous FTP command sequences and monitor server logs for signs of service crashes or unauthorized process execution.

Compensating Controls: Implement strict network segmentation and utilize an Intrusion Prevention System (IPS) to detect and block malformed FTP packets targeting SEH structures.
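A minimal check for the monitoring and IPS guidance above, as an added example that is not part of the original advisory or any vendor tooling: it splits a captured FTP control-channel byte stream into lines and flags oversized, unterminated, or control-byte-carrying ones. The 512-byte limit, the function name `inspect_control_stream` and the sample capture are assumptions, not values from the advisory.

```python
import re

MAX_LINE = 512  # assumed limit; tune to your own FTP traffic baseline
REPLY_RE = re.compile(rb"^\d{3}[ -]")  # RFC 959 reply: 3 digits, then space or '-'


def inspect_control_stream(data: bytes, max_line: int = MAX_LINE):
    """Return (offset, kind, length, reasons) for each suspicious control line."""
    findings = []
    offset = 0
    while offset < len(data):
        end = data.find(b"\r\n", offset)
        terminated = end != -1
        if not terminated:
            end = len(data)  # trailing data with no CRLF yet
        line = data[offset:end]
        reasons = []
        if len(line) > max_line:
            reasons.append("oversized")
        # Control bytes (other than TAB) do not belong in commands or replies.
        if any((b < 0x20 and b != 0x09) or b == 0x7F for b in line):
            reasons.append("control-bytes")
        if not terminated and len(line) > max_line:
            reasons.append("unterminated")
        if reasons:
            kind = "reply" if REPLY_RE.match(line) else "command"
            findings.append((offset, kind, len(line), reasons))
        offset = end + 2 if terminated else end
    return findings


# Constructed sample capture: a normal login exchange plus one 4 KB reply line.
SAMPLE = (
    b"220 Service ready\r\n"
    b"USER anonymous\r\n"
    b"331 Password required\r\n"
    + b"220 " + b"A" * 4000 + b"\r\n"
    + b"PASS guest\r\n"
)

if __name__ == "__main__":
    for off, kind, length, reasons in inspect_control_stream(SAMPLE):
        print(f"offset={off} {kind} length={length} flags={','.join(reasons)}")
```

Feed it the reassembled control-channel payload (TCP port 21 by default) from a packet capture, one direction at a time, so that reply and command lines are not interleaved.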

Exploitation status

Public Exploit Available: true

Analyst recommendation

This vulnerability is highly critical due to the potential for unauthenticated remote code execution. Administrators must prioritize the decommissioning or patching of the affected FTP service immediately to prevent unauthorized access and system takeover.