CVE-2025-4162

Summary

A vulnerability classified as critical was found in PCMan FTP Server up to 2.0.7. This vulnerability affects unknown code of the component ASCII Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Affected Software

VendorProductVersion RangeStatus
PCManFTP Server2.0.0affected
PCManFTP Server2.0.1affected
PCManFTP Server2.0.2affected
PCManFTP Server2.0.3affected
PCManFTP Server2.0.4affected
PCManFTP Server2.0.5affected
PCManFTP Server2.0.6affected
PCManFTP Server2.0.7affected

Weaknesses

  • CWE-120: Buffer Overflow
  • CWE-119: Memory Corruption

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: partial

References