cvelist/2025/4xxx/CVE-2025-4240.json

{
    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
    "CVE_data_meta": {
        "ID": "CVE-2025-4240",
        "ASSIGNER": "cna@vuldb.com",
        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated as critical. This issue affects some unknown processing of the component LCD Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
            },
            {
                "lang": "deu",
                "value": "Eine Schwachstelle wurde in PCMan FTP Server 2.0.7 ausgemacht. Sie wurde als kritisch eingestuft. Es geht hierbei um eine nicht n\u00e4her spezifizierte Funktion der Komponente LCD Command Handler. Mit der Manipulation mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "Buffer Overflow",
                        "cweId": "CWE-120"
                    }
                ]
            },
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "Memory Corruption",
                        "cweId": "CWE-119"
                    }
                ]
            }
        ]
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "PCMan",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "FTP Server",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "=",
                                            "version_value": "2.0.7"
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "references": {
        "reference_data": [
            {
                "url": "https://vuldb.com/?id.307331",
                "refsource": "MISC",
                "name": "https://vuldb.com/?id.307331"
            },
            {
                "url": "https://vuldb.com/?ctiid.307331",
                "refsource": "MISC",
                "name": "https://vuldb.com/?ctiid.307331"
            },
            {
                "url": "https://vuldb.com/?submit.561571",
                "refsource": "MISC",
                "name": "https://vuldb.com/?submit.561571"
            },
            {
                "url": "https://fitoxs.com/exploit/exploit-3c2b72a81c4f4fbe75903a2c9280d78fce69420fbc77e78ea6e73b34b735e70a.txt",
                "refsource": "MISC",
                "name": "https://fitoxs.com/exploit/exploit-3c2b72a81c4f4fbe75903a2c9280d78fce69420fbc77e78ea6e73b34b735e70a.txt"
            }
        ]
    },
    "credits": [
        {
            "lang": "en",
            "value": "Fernando Mengali (VulDB User)"
        }
    ],
    "impact": {
        "cvss": [
            {
                "version": "3.1",
                "baseScore": 7.3,
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "baseSeverity": "HIGH"
            },
            {
                "version": "3.0",
                "baseScore": 7.3,
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "baseSeverity": "HIGH"
            },
            {
                "version": "2.0",
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P"
            }
        ]
    }
}
"-Synchronized-Data." 2025-05-02 21:00:34 +00:00			`{`
"-Synchronized-Data." 2025-05-03 18:00:33 +00:00			`"data_version": "4.0",`
"-Synchronized-Data." 2025-05-02 21:00:34 +00:00			`"data_type": "CVE",`
			`"data_format": "MITRE",`
			`"CVE_data_meta": {`
			`"ID": "CVE-2025-4240",`
"-Synchronized-Data." 2025-05-03 18:00:33 +00:00			`"ASSIGNER": "cna@vuldb.com",`
			`"STATE": "PUBLIC"`
"-Synchronized-Data." 2025-05-02 21:00:34 +00:00			`},`
			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
"-Synchronized-Data." 2025-05-03 18:00:33 +00:00			`"value": "A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated as critical. This issue affects some unknown processing of the component LCD Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."`
			`},`
			`{`
			`"lang": "deu",`
			`"value": "Eine Schwachstelle wurde in PCMan FTP Server 2.0.7 ausgemacht. Sie wurde als kritisch eingestuft. Es geht hierbei um eine nicht n\u00e4her spezifizierte Funktion der Komponente LCD Command Handler. Mit der Manipulation mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."`
			`}`
			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "Buffer Overflow",`
			`"cweId": "CWE-120"`
			`}`
			`]`
			`},`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "Memory Corruption",`
			`"cweId": "CWE-119"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"vendor_name": "PCMan",`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "FTP Server",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_affected": "=",`
			`"version_value": "2.0.7"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"url": "https://vuldb.com/?id.307331",`
			`"refsource": "MISC",`
			`"name": "https://vuldb.com/?id.307331"`
			`},`
			`{`
			`"url": "https://vuldb.com/?ctiid.307331",`
			`"refsource": "MISC",`
			`"name": "https://vuldb.com/?ctiid.307331"`
			`},`
			`{`
			`"url": "https://vuldb.com/?submit.561571",`
			`"refsource": "MISC",`
			`"name": "https://vuldb.com/?submit.561571"`
			`},`
			`{`
			`"url": "https://fitoxs.com/exploit/exploit-3c2b72a81c4f4fbe75903a2c9280d78fce69420fbc77e78ea6e73b34b735e70a.txt",`
			`"refsource": "MISC",`
			`"name": "https://fitoxs.com/exploit/exploit-3c2b72a81c4f4fbe75903a2c9280d78fce69420fbc77e78ea6e73b34b735e70a.txt"`
			`}`
			`]`
			`},`
			`"credits": [`
			`{`
			`"lang": "en",`
			`"value": "Fernando Mengali (VulDB User)"`
			`}`
			`],`
			`"impact": {`
			`"cvss": [`
			`{`
			`"version": "3.1",`
			`"baseScore": 7.3,`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",`
			`"baseSeverity": "HIGH"`
			`},`
			`{`
			`"version": "3.0",`
			`"baseScore": 7.3,`
			`"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",`
			`"baseSeverity": "HIGH"`
			`},`
			`{`
			`"version": "2.0",`
			`"baseScore": 7.5,`
			`"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P"`
"-Synchronized-Data." 2025-05-02 21:00:34 +00:00			`}`
			`]`
			`}`
			`}`