CVE-2024-58299
Unknown Unknown - Not Provided
Buffer Overflow in PCMan FTP Server 2.0 Enables Remote Code Execution

Publication date: 2025-12-12

Last updated on: 2025-12-12

Assigner: VulnCheck

Description
PCMan FTP Server 2.0 contains a buffer overflow vulnerability in the 'pwd' command that allows remote attackers to execute arbitrary code. Attackers can send a specially crafted payload during the FTP login process to overwrite memory and potentially gain system access.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-12
Last Modified
2025-12-12
Generated
2026-06-16
AI Q&A
2025-12-12
EPSS Evaluated
2026-06-15
NVD
CVE-2024-58299
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
pcman ftp_server 2.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a buffer overflow in the 'pwd' command of PCMan FTP Server 2.0. It allows remote attackers to send a specially crafted payload during the FTP login process that overwrites memory, enabling them to execute arbitrary code on the affected system.

Impact Analysis

The vulnerability can allow attackers to gain unauthorized system access by executing arbitrary code remotely. This can lead to full compromise of the affected system, including data theft, system manipulation, or further attacks within the network.

Detection Guidance

This vulnerability can be detected by monitoring FTP traffic for suspicious 'pwd' commands containing unusually long or malformed payloads that could trigger the buffer overflow. Specifically, detection can involve capturing FTP login sequences where the 'USER' and 'PASS' commands are followed by a 'pwd' command with an excessively long string (e.g., over 2000 characters). A practical approach is to use network packet capture tools like Wireshark or tcpdump to filter FTP traffic on port 21 and inspect the 'pwd' command payloads. Additionally, running the exploit script from Resource 2 in a controlled environment can help verify if a system is vulnerable. [2]

Mitigation Strategies

Immediate mitigation steps include disabling or restricting access to the PCMan FTP Server version 2.0, especially blocking external access to port 21 to prevent remote exploitation. Applying any available patches or updates from the vendor is recommended if available. If patching is not possible, consider using network-level protections such as firewalls or intrusion prevention systems to detect and block malicious 'pwd' commands with oversized payloads. Monitoring logs for unusual FTP activity and restricting FTP usage to trusted networks can also reduce risk. [1, 2]

Compliance Impact

The provided resources do not contain information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2024-58299. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart