CVE-2025-3678

Name of the Vulnerable Software and Affected Versions PCMan FTP Server version 2.0.7

Description A critical issue has been found in the HELP Command Handler component of PCMan FTP Server, leading to a buffer overflow. This issue can be exploited remotely. The manipulation of the HELP Command Handler component results in a buffer overflow, which can be initiated remotely through an attack on the / API endpoint, although the specific endpoint is not explicitly mentioned.

Recommendations For PCMan FTP Server version 2.0.7, as a temporary workaround, consider disabling the HELP Command Handler component until a patch is available. Restrict access to the vulnerable component to minimize the risk of exploitation. Avoid using the HELP command in the affected FTP server until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.