How to fix EUVD-2025-16959?

Within 24 hours: Audit all systems running PCMan FTP Server 2.0.7 and document inventory; isolate or disable FTP services if not critical to operations. Within 7 days: Implement network segmentation to restrict FTP access to trusted IP ranges only; deploy IDS/IPS signatures to detect exploitation attempts; enable enhanced logging on FTP services. Within 30 days: Evaluate migration to a supported FTP server alternative (e.g., vsftpd, ProFTPD with current patches); establish timeline for decommissioning PCMan FTP Server if replacement is not feasible.

Is Ftp affected by EUVD-2025-16959?

PCMan FTP Server 2.0.7 contains a critical buffer overflow vulnerability in its NOOP command handler that allows remote attackers to compromise affected systems.

EUVD-2025-16959

| CVE-2025-5634 HIGH

2025-06-05 [email protected]

7.3

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Lifecycle Timeline

EUVD ID Assigned

Mar 14, 2026 - 17:53 euvd

EUVD-2025-16959

Analysis Generated

Mar 14, 2026 - 17:53 vuln.today

PoC Detected

Jun 24, 2025 - 15:49 vuln.today

Public exploit code

CVE Published

Jun 05, 2025 - 04:15 nvd

HIGH 7.3

Description

A vulnerability classified as critical has been found in PCMan FTP Server 2.0.7. This affects an unknown part of the component NOOP Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Analysis

A buffer overflow vulnerability in A vulnerability classified as critical (CVSS 7.3). Risk factors: public PoC available.

Technical Context

CWE-119 (Buffer Overflow). CVSS 7.3 indicates high severity. Affects A vulnerability classified as critical.

Affected Products

['A vulnerability classified as critical']

Remediation

Monitor vendor channels for patch availability. Consider network segmentation to limit exposure if patching is delayed.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.2

CVSS: +36

POC: +20

EUVD-2025-16959 vulnerability details – vuln.today

Back

EUVD-2025-16959

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

EUVD-2025-16959

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code