vendor:
Easy File Sharing Web Server
by:
bl4ck h4ck3r
7.5
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Easy File Sharing Web Server
Affected Version From: Easy File Sharing Web Server v7.2
Affected Version To: Easy File Sharing Web Server v7.2
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested: Windows XP SP2, Windows 2008 R2 x64
Easy File Sharing Web Server 7.2 – ‘POST’ Buffer Overflow (DEP Bypass with ROP)
This exploit targets Easy File Sharing Web Server version 7.2 and utilizes a buffer overflow vulnerability in the 'POST' request. It bypasses DEP (Data Execution Prevention) using ROP (Return-Oriented Programming) techniques. The exploit is written in Python and uses a crafted shellcode to execute arbitrary commands.
Mitigation:
Update to a patched version of Easy File Sharing Web Server or use alternative software. Apply security best practices such as input validation and boundary checking.