CVE-2025-3725 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-3725 PUBLISHED CVSS 6.900000095367432 MEDIUM

A vulnerability was found in PCMan FTP Server 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component MIC Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

EPSS 0.48% · 64.8th percentile

Risk Scores

CVSS v4.0

6.900000095367432

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

EPSS Score

0.48%

64.8th percentile

Affected Products

Vendor	Product	Versions
pcman	ftp_server	2.0.7
PCMan	FTP Server	2.0.7

Timeline

Apr 16, 2025 CVE Published
Apr 17, 2025 EPSS Score
Apr 17, 2025 CVE Updated
Apr 29, 2025 EPSS Score
May 11, 2025 EPSS Score
May 22, 2025 EPSS Score
May 31, 2025 Coalition ESS Score
Jun 3, 2025 EPSS Score
Jun 15, 2025 EPSS Score
Jun 27, 2025 EPSS Score
Jul 9, 2025 EPSS Score
Jul 20, 2025 EPSS Score

References

VDB-305071 | PCMan FTP Server MIC Command buffer overflow vdb
VDB-305071 | CTI Indicators (IOB, IOC) url
Submit #552814 | PCMan FTP 2.0.7 Buffer Overflow third-party-advisory
https://fitoxs.com/exploit/exploit-827ccb0eea8a706c4c34a16891f84e7b.txt exploit
https://nvd.nist.gov/vuln/detail/CVE-2025-3725 advisory

Open in Interactive Console →