CVE-2012-10030
9.3
Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Source: disclosure@vulncheck.com (Secondary)
Description
FreeFloat FTP Server contains multiple critical design flaws that allow unauthenticated remote attackers to upload arbitrary files to sensitive system directories. The server accepts empty credentials, defaults user access to the root of the C:\ drive, and imposes no restrictions on file type or destination path. These conditions enable attackers to upload executable payloads and .mof files to locations such as system32 and wbem\mof, where Windows Management Instrumentation (WMI) automatically processes and executes them. This results in remote code execution with SYSTEM-level privileges, without requiring user interaction.
Affected (1)
Products: Freefloat: Freefloat Ftp Server
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| | Version 1.0 |
Related CWEs
CWE-306
Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
CWE-434
Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
CWE-732
Incorrect Permission Assignment for Critical Resource
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.