CVE-2010-10014 HIGH

CVE-2010-10014: Odin Secure FTP <= 4.1 Stack Buffer Overflow via LIST Response

Vendor Odin Software
Product Odin Secure FTP
Weakness CWE-121
Published August 20, 2025
Last update May 15, 2026

CVSS base score

8.7/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Odin Secure FTP <= 4.1 is vulnerable to a stack-based buffer overflow when parsing directory listings received in response to an FTP LIST command. A malicious FTP server can send an overly long filename in the directory listing, which overflows a fixed-size stack buffer in the client and overwrites the Structured Exception Handler (SEH). This allows remote attackers to execute arbitrary code on the client system.

Key dates

02Disclosure timeline

August 20, 2025 CVE published
May 15, 2026 Record updated