PUBLISHED DATE: May 4, 2025CVE-2025-4253:
Buffer Overflow Vulnerability

Description

A vulnerability was found in PCMan FTP Server 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component HASH Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Products

• PCMan FTP Server 2.0.7

Questions to Ask Vendors

1. Can you confirm whether your systems are affected by CVE-2025-4253, and if so, what steps are you currently taking to mitigate this vulnerability?
2. What is your estimated timeline for fully resolving CVE-2025-4253 in your products or services, and how will you communicate updates on this issue to us as your customer?

Recommended Actions

• Check out the advisory links provided below.

References

• http://webappsec.pbworks.com/Buffer-Overflow
• https://capec.mitre.org/data/definitions/10.html
• https://capec.mitre.org/data/definitions/100.html
• https://capec.mitre.org/data/definitions/123.html
• https://capec.mitre.org/data/definitions/14.html
• https://capec.mitre.org/data/definitions/24.html
• https://capec.mitre.org/data/definitions/42.html
• https://capec.mitre.org/data/definitions/44.html
• https://capec.mitre.org/data/definitions/45.html
• https://capec.mitre.org/data/definitions/46.html
• https://capec.mitre.org/data/definitions/47.html
• https://capec.mitre.org/data/definitions/8.html
• https://capec.mitre.org/data/definitions/9.html
• https://nvd.nist.gov/vuln/detail/CVE-2025-4253