CVE-2018-25254

Name of the Vulnerable Software and Affected Versions NICO-FTP version 3.0.1.19

Description A structured exception handler (SEH) buffer overflow allows remote attackers to execute arbitrary code by sending crafted FTP commands. Attackers can connect to the FTP service and send oversized data in response handlers to overwrite SEH pointers and redirect execution to injected shellcode. SEH is a mechanism for handling hardware and software exceptions in Windows applications.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.