CVE-2025-4079

Summary

A vulnerability, which was classified as critical, was found in PCMan FTP Server up to 2.0.7. Affected is an unknown function of the component RENAME Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Affected Software

VendorProductVersion RangeStatus
PCManFTP Server2.0.0affected
PCManFTP Server2.0.1affected
PCManFTP Server2.0.2affected
PCManFTP Server2.0.3affected
PCManFTP Server2.0.4affected
PCManFTP Server2.0.5affected
PCManFTP Server2.0.6affected
PCManFTP Server2.0.7affected

Weaknesses

  • CWE-120: Buffer Overflow
  • CWE-119: Memory Corruption

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: partial

References