What is CVE-2012-10030?

CVE-2012-10030 is a vulnerability in Freefloat Ftp Server, classified under Unrestricted Upload of File with Dangerous Type. Published 2025-08-05.

Is CVE-2012-10030 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Auth bypass in Freefloat Ftp Server

CVE-2012-10030

FreeFloat FTP Server contains multiple critical design flaws that allow unauthenticated remote attackers to upload arbitrary files to sensitive system directories. The server accepts empty credentials, defaults user access to the root of t…

Vulnerability class: Unrestricted File Upload

EPSS: 0.726 (98.8th percentile) — read the EPSS interpretation.

Affected products

Freefloat Ftp Server

Weakness classification (CWE)

Public proof-of-concept exploits

References

raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/w… (exploit)
www.exploit-db.com/exploits/23226 (exploit)
www.fortiguard.com/encyclopedia/ips/34209/freefloat-ftp-server-arbitrary-file-u… (third-party-advisory)
archive.org/details/tucows_367516_Freefloat_FTP_Server (product)
www.vulncheck.com/advisories/freefloat-ftp-server-arbitrary-file-upload (third-party-advisory)

Frequently asked questions

What is CVE-2012-10030?: CVE-2012-10030 is a vulnerability in Freefloat Ftp Server, classified under Unrestricted Upload of File with Dangerous Type. Published 2025-08-05.
Is CVE-2012-10030 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.