What is the CVSS score of EUVD-2025-16959?

EUVD-2025-16959 has a CVSS 3.1 base score of 7.3 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L. EPSS exploitation probability: 0.2%.

Which versions of Ftp are affected by EUVD-2025-16959?

PCMan FTP Server 2.0.7 contains a critical buffer overflow vulnerability in its NOOP command handler that allows remote attackers to compromise affected systems.

Is there a public PoC exploit available for EUVD-2025-16959?

Yes, a public proof-of-concept exploit is available for EUVD-2025-16959. Prioritise patching immediately. EPSS: 0.2%.

How to fix or mitigate EUVD-2025-16959?

Within 24 hours: Audit all systems running PCMan FTP Server 2.0.7 and document inventory; isolate or disable FTP services if not critical to operations. Within 7 days: Implement network segmentation to restrict FTP access to trusted IP ranges only; deploy IDS/IPS signatures to detect exploitation attempts; enable enhanced logging on FTP services. Within 30 days: Evaluate migration to a supported FTP server alternative (e.g., vsftpd, ProFTPD with current patches); establish timeline for decommissioning PCMan FTP Server if replacement is not feasible.

Ftp EUVD-2025-16959

| CVE-2025-5634 HIGH

Buffer Overflow (CWE-119)

2025-06-05 cna@vuldb.com

Buffer Overflow Denial Of Service Ftp Ftp Server

7.3

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Lifecycle Timeline

EUVD ID Assigned

Mar 14, 2026 - 17:53 euvd

EUVD-2025-16959

Analysis Generated

Mar 14, 2026 - 17:53 vuln.today

PoC Detected

Jun 24, 2025 - 15:49 vuln.today

Public exploit code

CVE Published

Jun 05, 2025 - 04:15 nvd

HIGH 7.3

DescriptionNVD

A vulnerability classified as critical has been found in PCMan FTP Server 2.0.7. This affects an unknown part of the component NOOP Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

AnalysisAI

A buffer overflow vulnerability in A vulnerability classified as critical (CVSS 7.3). Risk factors: public PoC available.

Technical ContextAI

CWE-119 (Buffer Overflow). CVSS 7.3 indicates high severity. Affects A vulnerability classified as critical.

RemediationAI

Monitor vendor channels for patch availability. Consider network segmentation to limit exposure if patching is delayed.

EUVD-2025-16959 vulnerability details – vuln.today

Back