CVE-2025-4240

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://fitoxs.com/exploit/exploit-3c2b72a81c4f4fbe75903a2c9280d78fce69420fbc77e78ea6e73b34b735e70a.txt", "name": "https://fitoxs.com/exploit/exploit-3c2b72a81c4f4fbe75903a2c9280d78fce69420fbc77e78ea6e73b34b735e70a.txt", "tags": ["Exploit"], "refsource": ""}, {"url": "https://vuldb.com/?ctiid.307331", "name": "VDB-307331 | CTI Indicators (IOB, IOC)", "tags": ["Permissions Required"], "refsource": ""}, {"url": "https://vuldb.com/?id.307331", "name": "VDB-307331 | PCMan FTP Server LCD Command buffer overflow", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": ""}, {"url": "https://vuldb.com/?submit.561571", "name": "Submit #561571 | PCMan FTP Server 2.0.7 Buffer Overflow", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated as critical. This issue affects some unknown processing of the component LCD Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-120"}, {"lang": "en", "value": "CWE-119"}, {"lang": "en", "value": "CWE-120"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-4240", "ASSIGNER": "cna@vuldb.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}}, "publishedDate": "2025-05-03T18:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:pcman:ftp_server:2.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-05-16T17:41Z"}