vendor:
Easy File Management Web Server
by:
Tracy Turben
9.8
CVSS
CRITICAL
Buffer Overflow
119
CWE
Product Name: Easy File Management Web Server
Affected Version From: 5.6
Affected Version To: 5.6
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested: Windows 7 32-bit
2015
Easy File Management Web Server v5.6 – USERID Remote Buffer Overflow
This exploit allows an attacker to remotely overflow the USERID parameter in Easy File Management Web Server v5.6, leading to arbitrary code execution. The vulnerability was discovered by Tracy Turben and the exploit code is based on the work of superkojiman. The exploit takes advantage of a buffer overflow in the USERID parameter to execute a crafted payload. It uses a pivot technique to redirect execution flow to the crafted payload and then executes a stack-based shellcode to spawn a calculator (calc.exe).
Mitigation:
Update to a patched version of Easy File Management Web Server to prevent exploitation of this vulnerability.