Skip to main content

Ftp CVE-2025-5637

| EUVDEUVD-2025-16965 HIGH
Buffer Overflow (CWE-119)
2025-06-05 cna@vuldb.com
7.3
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.3 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low

Lifecycle Timeline

4
EUVD ID Assigned
Mar 14, 2026 - 17:53 euvd
EUVD-2025-16965
Analysis Generated
Mar 14, 2026 - 17:53 vuln.today
PoC Detected
Jun 24, 2025 - 15:49 vuln.today
Public exploit code
CVE Published
Jun 05, 2025 - 05:15 nvd
HIGH 7.3

DescriptionCVE.org

A vulnerability, which was classified as critical, was found in PCMan FTP Server 2.0.7. Affected is an unknown function of the component SYSTEM Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

AnalysisAI

Critical buffer overflow vulnerability in PCMan FTP Server 2.0.7's SYSTEM Command Handler that allows unauthenticated remote attackers to cause denial of service and potentially execute arbitrary code with limited impact on confidentiality and integrity. The vulnerability has been publicly disclosed with exploit code available, making it actively exploitable in the wild against unpatched systems.

Technical ContextAI

PCMan FTP Server is a lightweight FTP daemon commonly used on Windows systems. The vulnerability exists in the SYSTEM Command Handler component, which processes FTP protocol commands. The root cause is CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), a classic buffer overflow condition where input from FTP commands is not properly validated before being written to a fixed-size buffer. This allows an attacker to overflow the buffer and potentially overwrite adjacent memory structures, including function pointers or return addresses on the stack. The FTP protocol itself is legacy and unencrypted, making packet inspection and command injection straightforward for attackers. The vulnerability likely resides in command parsing logic where user-supplied parameters in SYSTEM-related FTP commands are copied without bounds checking.

RemediationAI

Immediate remediation steps: (1) Update PCMan FTP Server to the latest patched version beyond 2.0.7 if available from the official vendor; (2) If no patch exists, disable or uninstall PCMan FTP Server and migrate to a modern, maintained FTP server solution (e.g., ProFTPD, vsftpd, or FileZilla Server); (3) If the service must remain operational, implement network-level access controls restricting FTP traffic (TCP port 21) to specific trusted IP addresses only; (4) Monitor FTP server logs for unusual SYSTEM command attempts or buffer overflow attack patterns; (5) Consider replacing FTP entirely with SFTP/SSH, which provides encryption and modern security practices. Workarounds are limited given the nature of buffer overflows, so patching or service replacement is essential.

More in Ftp

View all
CVE-2025-47812 CRITICAL POC
10.0 Jul 10

Wing FTP Server before 7.4.4 contains a critical remote code execution vulnerability (CVE-2025-47812, CVSS 10.0) through

CVE-2025-5548 HIGH POC
7.3 Jun 04

Critical buffer overflow vulnerability in the NOOP Command Handler of FreeFloat FTP Server 1.0 that allows remote, unaut

CVE-2023-22551 HIGH POC
7.5 Jan 01

The FTP (aka "Implementation of a simple FTP client and server") project through 96c1a35 allows remote attackers to caus

CVE-2025-5636 HIGH POC
7.3 Jun 05

Critical buffer overflow vulnerability in the SET Command Handler of PCMan FTP Server 2.0.7 that allows remote attackers

CVE-2025-5635 HIGH POC
7.3 Jun 05

Critical buffer overflow vulnerability in PCMan FTP Server 2.0.7 affecting the PLS Command Handler component. Remote att

CVE-2025-5634 HIGH POC
7.3 Jun 05

A buffer overflow vulnerability in A vulnerability classified as critical (CVSS 7.3). Risk factors: public PoC available

CVE-2025-5593 HIGH POC
7.3 Jun 04

Critical buffer overflow vulnerability in the HOST Command Handler of FreeFloat FTP Server 1.0 that allows unauthenticat

CVE-2025-5551 HIGH POC
7.3 Jun 04

Critical buffer overflow vulnerability in FreeFloat FTP Server 1.0's SYSTEM Command Handler that allows unauthenticated

CVE-2025-5549 HIGH POC
7.3 Jun 04

Critical buffer overflow vulnerability in the PASV command handler of FreeFloat FTP Server 1.0 that allows unauthenticat

CVE-2025-68206
Dec 16

Linux kernel netfilter FTP NAT helper fails to properly initialize sequence adjustment extensions when connection tracki

Share

CVE-2025-5637 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy