CVE-2009-4753 in NASU2FW41info

Summary

by MITRE

Multiple buffer overflows in the FTP server on the Addonics NAS Adapter NASU2FW41 with loader 1.17 allow remote attackers to cause a denial of service (TCP/IP outage) via long arguments to the (1) XRMD, (2) delete, (3) RNFR, or (4) RNTO command.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Analysis

by VulDB Data Team • 05/03/2026

The CVE-2009-4753 vulnerability affects the Addonics NAS Adapter NASU2FW41 device which operates an FTP server with loader version 1.17. This vulnerability represents a critical security flaw that stems from improper input validation within the FTP server implementation. The affected device is designed to provide network attached storage functionality, making it a potential target for malicious actors seeking to disrupt network services. The vulnerability manifests specifically in the handling of certain FTP commands, creating a condition where remote attackers can exploit buffer overflows to cause service disruption.

The technical flaw involves buffer overflow conditions occurring when processing specific FTP commands including XRMD, delete, RNFR, and RNTO. These commands are standard FTP operations used for removing files and directories, as well as renaming operations within the file system. The vulnerability arises because the FTP server fails to properly validate the length of arguments provided to these commands, allowing attackers to send overly long input strings that exceed the allocated buffer space. This classic buffer overflow scenario enables attackers to overwrite adjacent memory locations, potentially leading to arbitrary code execution or system instability.

The operational impact of this vulnerability extends beyond simple denial of service conditions, as it can result in complete TCP/IP network outages for the affected NAS device. When exploited, the buffer overflows cause the FTP server process to crash or become unresponsive, effectively cutting off access to the network storage services. This disruption can have significant business implications for organizations relying on continuous data availability, as it may prevent legitimate users from accessing critical files and data. The vulnerability is particularly concerning because it requires no authentication to exploit, making it accessible to anyone with network access to the device.

From a cybersecurity perspective, this vulnerability aligns with CWE-121, which describes stack-based buffer overflow conditions, and represents a clear violation of secure coding practices. The ATT&CK framework categorizes this as a Denial of Service attack technique, specifically targeting network services through protocol exploitation. Organizations should consider implementing network segmentation and access controls to limit exposure to this vulnerability, while also ensuring that all network attached storage devices receive timely firmware updates. The vulnerability demonstrates the importance of input validation and proper memory management in network services, particularly those handling user-provided data through standard protocols like FTP.

Reservation

03/29/2010

Disclosure

03/29/2010

Moderation

accepted

Entry

VDB-52410

CPE

ready

Exploit

Download

EPSS

0.03005

KEV

no

Activities

very low

Sources

Do you know our Splunk app?

Download it now for free!