CVE-2019-25736

Published: Giu 04, 2026 Last Modified: Giu 04, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 8,6

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: none

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

HIGH 8,4

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: high

Description

AI Translation Available

LabF nfsAxe 3.7 Ping Client contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload in the Host IP field. Attackers can craft a specially formatted input file with shellcode and overwrite the return address to execute calc.exe or other arbitrary commands.

120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Integrity Confidentiality Availability

Potential Impacts:

Modify Memory Execute Unauthorized Code Or Commands Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu)

Applicable Platforms

Languages: Memory-Unsafe, C, C++, Assembly

Likelihood of Exploit: High

View CWE Details

https://www.exploit-db.com/exploits/46737

https://www.vulncheck.com/advisories/labf-nfsaxe-ping-clien…

https://www.vulncheck.com/advisories/labf-nfsaxe-ping-client-buffer-overflow

http://www.labf.com/nfsaxe

CVE-2019-25736

Description

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Common Consequences

Applicable Platforms

Iscriviti alla newsletter