VDB-304967 · CVE-2025-3678 · GCVE-100-304967

PCMan FTP Server 2.0.7 HELP Command Pufferüberlauf

Hakika vulnerability da aka rarraba a matsayin kura an gano a PCMan FTP Server 2.0.7. Tabbas, aikin $software_function ne ke da matsala; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburare $software_library, a cikin fayil $software_file, a cikin sashi HELP Command Handler. Wuro manipulation ga Pufferüberlauf. Amfani da CWE wajen bayyana matsala yana kaiwa CWE-120. Lalle, rauni an sanar da shi 04/16/2025. Ana samun bayanin tsaro don saukewa a fitoxs.com. Ana kiran wannan rauni da CVE-2025-3678. Ngam yiɗi ka a tuma ndiyam ka nder waya. Bayani na fasaha ba ga. Kuma, akwai exploit. Exploit ɗin an bayyana wa jama'a, za a iya amfani da shi. A sa'i, exploit might be approx. USD $0-$5k ndiyam. Á yí huɗɗi-na-gaskiya. Za a iya samun exploit a fitoxs.com. 0-day ga, an ndiyam a wuro be $0-$5k. If you want to get the best quality for vulnerability data then you always have to consider VulDB.

3 Goyarwa · 97 Datenpunkte

Furɗe	Súgá 04/16/2025 03:14	Gargadi 1/2 04/16/2025 14:58	Gargadi 2/2 05/13/2025 10:29
cvss4_vuldb_vi	L	L	L
cvss4_vuldb_va	L	L	L
cvss4_vuldb_e	P	P	P
cvss2_vuldb_rl	ND	ND	ND
cvss3_vuldb_rl	X	X	X
cvss4_vuldb_at	N	N	N
cvss4_vuldb_sc	N	N	N
cvss4_vuldb_si	N	N	N
cvss4_vuldb_sa	N	N	N
cvss2_vuldb_basescore	7.5	7.5	7.5
cvss2_vuldb_tempscore	6.4	6.4	6.4
cvss3_vuldb_basescore	7.3	7.3	7.3
cvss3_vuldb_tempscore	6.6	6.6	6.6
cvss3_meta_basescore	7.3	7.3	8.1
cvss3_meta_tempscore	6.6	6.9	7.9
cvss4_vuldb_bscore	6.9	6.9	6.9
cvss4_vuldb_btscore	5.5	5.5	5.5
advisory_date	1744754400 (04/16/2025)	1744754400 (04/16/2025)	1744754400 (04/16/2025)
price_0day	$0-$5k	$0-$5k	$0-$5k
software_vendor	PCMan	PCMan	PCMan
software_name	FTP Server	FTP Server	FTP Server
software_version	2.0.7	2.0.7	2.0.7
software_component	HELP Command Handler	HELP Command Handler	HELP Command Handler
vulnerability_cwe	CWE-120 (Pufferüberlauf)	CWE-120 (Pufferüberlauf)	CWE-120 (Pufferüberlauf)
vulnerability_risk	2	2	2
cvss3_vuldb_av	N	N	N
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	N	N	N
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	L	L	L
cvss3_vuldb_i	L	L	L
cvss3_vuldb_a	L	L	L
cvss3_vuldb_e	P	P	P
cvss3_vuldb_rc	R	R	R
advisory_url	https://fitoxs.com/exploit/exploit-a0667f99e4dc732773f505cdb86fcae1.txt	https://fitoxs.com/exploit/exploit-a0667f99e4dc732773f505cdb86fcae1.txt	https://fitoxs.com/exploit/exploit-a0667f99e4dc732773f505cdb86fcae1.txt
exploit_availability	1	1	1
exploit_publicity	1	1	1
exploit_url	https://fitoxs.com/exploit/exploit-a0667f99e4dc732773f505cdb86fcae1.txt	https://fitoxs.com/exploit/exploit-a0667f99e4dc732773f505cdb86fcae1.txt	https://fitoxs.com/exploit/exploit-a0667f99e4dc732773f505cdb86fcae1.txt
source_cve	CVE-2025-3678	CVE-2025-3678	CVE-2025-3678
cna_responsible	VulDB	VulDB	VulDB
software_type	File Transfer Software	File Transfer Software	File Transfer Software
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ac	L	L	L
cvss2_vuldb_au	N	N	N
cvss2_vuldb_ci	P	P	P
cvss2_vuldb_ii	P	P	P
cvss2_vuldb_ai	P	P	P
cvss2_vuldb_e	POC	POC	POC
cvss2_vuldb_rc	UR	UR	UR
cvss4_vuldb_av	N	N	N
cvss4_vuldb_ac	L	L	L
cvss4_vuldb_pr	N	N	N
cvss4_vuldb_ui	N	N	N
cvss4_vuldb_vc	L	L	L
cve_nvd_summary		A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. This issue affects some unknown processing of the component HELP Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.	A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. This issue affects some unknown processing of the component HELP Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
cvss4_cna_av		N	N
cvss4_cna_ac		L	L
cvss4_cna_at		N	N
cvss4_cna_pr		N	N
cvss4_cna_ui		N	N
cvss4_cna_vc		L	L
cvss4_cna_vi		L	L
cvss4_cna_va		L	L
cvss4_cna_sc		N	N
cvss4_cna_si		N	N
cvss4_cna_sa		N	N
cvss4_cna_bscore		6.9	6.9
cvss3_cna_av		N	N
cvss3_cna_ac		L	L
cvss3_cna_pr		N	N
cvss3_cna_ui		N	N
cvss3_cna_s		U	U
cvss3_cna_c		L	L
cvss3_cna_i		L	L
cvss3_cna_a		L	L
cvss3_cna_basescore		7.3	7.3
cvss2_cna_av		N	N
cvss2_cna_ac		L	L
cvss2_cna_au		N	N
cvss2_cna_ci		P	P
cvss2_cna_ii		P	P
cvss2_cna_ai		P	P
cvss2_cna_basescore		7.5	7.5
cve_nvd_summaryes			Se ha detectado una vulnerabilidad clasificada como crítica en PCMan FTP Server 2.0.7. Este problema afecta a un procesamiento desconocido del componente HELP Command Handler. La manipulación provoca un desbordamiento del búfer. El ataque podría iniciarse remotamente. Se ha hecho público el exploit y puede que sea utilizado.
cvss3_nvd_av			N
cvss3_nvd_ac			L
cvss3_nvd_pr			N
cvss3_nvd_ui			N
cvss3_nvd_s			U
cvss3_nvd_c			H
cvss3_nvd_i			H
cvss3_nvd_a			H
cvss3_nvd_basescore			9.8

◂ Gurɗo Gumti Gada ▸

Might our Artificial Intelligence support you?

Check our Alexa App!