VDB
CVE-2025-3725
CVE-2025-3725
PUBLISHED
CVSS 6.900000095367432 MEDIUM
A vulnerability was found in PCMan FTP Server 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component MIC Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
EPSS 0.48% · 65.6th percentile
Risk Scores
CVSS 4.0
6.900000095367432
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
EPSS Score
0.48%
65.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| pcman | ftp_server | 2.0.7 |
| PCMan | FTP Server | 2.0.7 |
Timeline
- Apr 16, 2025 CVE Published
- Apr 17, 2025 EPSS Score
- Apr 17, 2025 CVE Updated
- Apr 29, 2025 EPSS Score
- May 12, 2025 EPSS Score
- May 24, 2025 EPSS Score
- May 31, 2025 Coalition ESS Score
- Jun 5, 2025 EPSS Score
- Jun 18, 2025 EPSS Score
- Jun 30, 2025 EPSS Score
- Jul 12, 2025 EPSS Score
- Jul 25, 2025 EPSS Score
References
- VDB-305071 | PCMan FTP Server MIC Command buffer overflow vdb
- VDB-305071 | CTI Indicators (IOB, IOC) url
- Submit #552814 | PCMan FTP 2.0.7 Buffer Overflow third-party-advisory
- https://fitoxs.com/exploit/exploit-827ccb0eea8a706c4c34a16891f84e7b.txt exploit
- https://nvd.nist.gov/vuln/detail/CVE-2025-3725 advisory