CVE-2019-25607

Published: Mar 22, 2026 Last Modified: Mar 22, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 8,6

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: none

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

HIGH 8,4

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: high

Description

AI Translation Available

Axessh 4.2 contains a stack-based buffer overflow vulnerability in the log file name field that allows local attackers to execute arbitrary code by supplying an excessively long filename. Attackers can overflow the buffer at offset 214 bytes to overwrite the instruction pointer and execute shellcode with system privileges.

787

Out-of-bounds Write

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Integrity Availability Other

Potential Impacts:

Modify Memory Execute Unauthorized Code Or Commands Dos: Crash, Exit, Or Restart Unexpected State

Applicable Platforms

Languages: Assembly, C, C++, Memory-Unsafe

Technologies: ICS/OT

Likelihood of Exploit: High

View CWE Details

https://www.exploit-db.com/exploits/46858

https://www.exploit-db.com/exploits/46858

https://www.exploit-db.com/exploits/46922

https://www.exploit-db.com/exploits/46922

https://www.exploit-db.com/shellcodes/46281

https://www.exploit-db.com/shellcodes/46281

https://www.vulncheck.com/advisories/axessh-local-stack-bas…

https://www.vulncheck.com/advisories/axessh-local-stack-based-buffer-overflow-v…

http://www.labf.com

http://www.labf.com

http://www.labf.com/download/axessh.exe

http://www.labf.com/download/axessh.exe