Buffer Overflow Vulnerability in PCMan FTP Server 2.0.7
CVE-2025-3724

9.8CRITICAL

Key Information:

Vendor: PCMan
Status: PCMan FTP Server
Vendor: CVE Published:; 16 April 2025

What is CVE-2025-3724?

A buffer overflow vulnerability exists within the DIR Command Handler of PCMan FTP Server 2.0.7. This flaw can be exploited remotely, potentially allowing an attacker to execute arbitrary code on the affected system. The vulnerability has been publicly disclosed and poses significant security risks to users of this FTP server. It is essential for those using this application to implement necessary patches or consider alternative solutions to safeguard against potential exploits.

References

https://fitoxs.com/exploit/exploit-21232f297a57a5a743894a...

https://vuldb.com/?ctiid.305070

https://vuldb.com/?id.305070

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 16, 2025