CVE-2025-5331
Buffer overflow vulnerability in PCMan FTP Server 2.0.7's NLST Command Handler
Overview
PCMan FTP Server 2.0.7 contains a buffer overflow vulnerability in unspecified code of the NLST Command Handler component. By exploiting this vulnerability, remote attackers could manipulate buffer data, leading to possible code execution or denial of service.
Technical Details
The flaw resides in the NLST Command Handler of PCMan FTP Server 2.0.7. Manipulation of this handler leads to a buffer overflow, potentially compromising the system. The attack can be initiated remotely and requires no user interaction.
CVSS Metrics
- Attack Vector: NETWORK
- Attack Complexity: LOW
- Privileges Required: NONE
- User Interaction: NONE
Impact
Confidentiality, integrity, and availability of the system could each be compromised at a medium level, with code execution or denial of service as possible outcomes.
Recommendations
To mitigate this vulnerability, apply patches or updates provided by the developer, or consider switching to different FTP server software.
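As a detection aid alongside the mitigation above, the following added example (not part of the original advisory or of any vendor tooling) flags NLST commands with oversized arguments in captured FTP control-channel lines. The 255-byte limit, the function names and the sample session are assumptions constructed for illustration; the advisory does not state the length that triggers the overflow.

```python
import re

# Assumption: legitimate clients at this site never list a path longer than this.
# The advisory does not give the argument length that triggers the overflow.
MAX_NLST_ARG = 255

# RFC 959 command line: 3-4 letter verb, optional argument, CRLF terminator.
_CMD = re.compile(rb"^\s*([A-Za-z]{3,4})(?:[ \t]+(.*))?$", re.S)

def parse_command(raw: bytes):
    """Split one control-channel line into (VERB, argument bytes), or None."""
    m = _CMD.match(raw.rstrip(b"\r\n"))
    if not m:
        return None
    return m.group(1).upper().decode("ascii"), m.group(2) or b""

def inspect_session(lines, max_arg=MAX_NLST_ARG):
    """Return one finding per NLST command with a suspicious argument."""
    findings = []
    login_seen = False  # a PASS was sent; server reply codes are not inspected here
    for n, raw in enumerate(lines, 1):
        parsed = parse_command(raw)
        if parsed is None:
            continue
        verb, arg = parsed
        if verb == "PASS":
            login_seen = True
        if verb != "NLST":
            continue
        reasons = []
        if len(arg) > max_arg:
            reasons.append(f"argument length {len(arg)} > {max_arg}")
        # Heuristic: UTF-8 file names also match this check; tune per environment.
        if any(b < 0x20 or b > 0x7E for b in arg):
            reasons.append("non-printable bytes in argument")
        if reasons:
            findings.append({"line": n, "pre_auth": not login_seen, "reasons": reasons})
    return findings

# Constructed sample session (client-to-server lines only), not real traffic.
SAMPLE = [
    b"USER anonymous\r\n",
    b"PASS guest@example.com\r\n",
    b"NLST /pub\r\n",
    b"nlst " + b"x" * 3000 + b"\r\n",
]
```

Calling `inspect_session(SAMPLE)` reports only the fourth line; the `pre_auth` field marks NLST commands seen before any login attempt, which matters here because the CVSS metrics list no required privileges.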
Threat Metrics
- cvss_score: 7.5
- severity: MEDIUM
- attack_vector: NETWORK
- attack_complexity: LOW