CVE-2024-58299 is a stack-based buffer overflow vulnerability identified in PCMan FTP Server version 2.0. The vulnerability resides in the processing of the 'pwd' command, which is used to print the current working directory in FTP sessions. An attacker can exploit this flaw by sending a specially crafted payload during the FTP login process, which overwrites portions of memory on the server. This memory corruption can lead to arbitrary code execution, allowing the attacker to gain unauthorized system access remotely. The vulnerability requires no authentication and no user interaction, making it highly exploitable over the network. The CVSS 4.0 base score of 9.3 reflects its critical severity, with attack vector being network-based, low attack complexity, and no privileges or user interaction required. The vulnerability impacts confidentiality, integrity, and availability by enabling attackers to execute malicious code, potentially leading to data theft, system manipulation, or denial of service. No patches are currently linked, and no exploits are publicly known, but the technical details suggest that exploitation could be straightforward for skilled attackers. The vulnerability is classified under CWE-121, indicating a classic stack-based buffer overflow issue, a common and dangerous software flaw. Organizations running PCMan FTP Server 2.0 should consider this a high-priority security risk.

For European organizations, exploitation of CVE-2024-58299 could lead to severe consequences including unauthorized remote code execution, full system compromise, data breaches, and disruption of FTP services critical for file transfers. Given that FTP servers often handle sensitive data exchanges and may be integrated into broader enterprise systems, a successful attack could facilitate lateral movement within networks, exposing confidential information and critical infrastructure. The vulnerability’s remote exploitability without authentication increases the risk of widespread attacks, especially in sectors relying on legacy FTP solutions. Disruption of FTP services may impact business continuity, particularly in industries such as manufacturing, finance, and government where file transfer is integral. Additionally, compromised systems could be leveraged as footholds for further attacks or as part of botnets. The lack of known exploits currently provides a window for proactive mitigation, but the critical severity demands urgent attention to prevent potential future exploitation.

1. Immediately restrict or disable external access to PCMan FTP Server 2.0 instances until a patch is available. 2. Employ network-level controls such as firewalls and intrusion prevention systems (IPS) to monitor and block suspicious FTP traffic, especially malformed 'pwd' commands. 3. Implement strict access controls and segmentation to limit the exposure of FTP servers to only trusted networks and users. 4. Monitor FTP server logs and network traffic for anomalous patterns indicative of exploitation attempts, such as unusual payload sizes or unexpected commands during login. 5. Where possible, replace PCMan FTP Server with more secure, actively maintained FTP or SFTP solutions that do not have known critical vulnerabilities. 6. Prepare for patch deployment by establishing vendor communication channels and testing updates in controlled environments. 7. Educate IT staff about this vulnerability and ensure incident response plans include scenarios involving FTP server compromise. 8. Consider deploying application-layer firewalls or FTP-aware security tools that can detect and block buffer overflow attempts targeting FTP commands.