Cyber Resilience

CVE-2019-25353

Severity: Medium · Public PoC

Published: 18 February 2026
Modified: 15 April 2026
KEV Added: not listed (not in the CISA KEV catalog)
Patch: none listed
CVSS v4 score: 4.6 (CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS score: 0.0004 (13.1st percentile)
Risk Priority: 9 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2019-25353 is a medium-severity Classic Buffer Overflow (CWE-120) vulnerability in Foscam Video Management (product inferred from references). Its CVSS v4 base score is 4.6 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). It ranks at the 13.1st percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2019-25353 is a denial-of-service vulnerability in Foscam Video Management System version 1.1.4.9. The flaw lies in the handling of the username field of the device login dialog: supplying a 520-byte buffer of repeated 'A' characters overflows a fixed-size buffer (CWE-120) and crashes the application. The advisory this entry draws on assigns a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). Note that the CVSS v4 vector at the top of this page (AV:L/UI:A/VA:L, score 4.6) rates the same flaw as local, requiring user interaction, with low availability impact; the two vectors do not agree on how the flaw is reached.

Under the v3.1 vector the flaw would be reachable by unauthenticated attackers over the network with low complexity and no user interaction. The public PoC, however, consists of entering the oversized username into the login field, which matches the local, user-interaction v4 vector, so treat the network-exploitability claim with caution when prioritising. In either reading the outcome is the same: the application crashes during the login attempt, with impact to availability only and none to confidentiality or integrity.

Advisories and references include a proof-of-concept exploit on Exploit-DB at https://www.exploit-db.com/exploits/47671 and a VulnCheck advisory at https://www.vulncheck.com/advisories/foscam-video-management-system-username-denial-of-service. The vendor site is available at https://www.foscam.es/.
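The overflow described above, as an added example that is not code from Foscam, from the Exploit-DB PoC or from VulnCheck: a hypothetical login handler in C that copies the username into a fixed stack buffer, beside a hardened version that enforces the length limit the Mitigating Controls section calls for before anything is copied. The 512-byte internal buffer, the 64-character policy limit and the `admin` account name are assumptions for illustration; the real buffer size inside the VMS is not given on this page. Only the 520-byte 'A' input comes from the advisory.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define USERNAME_MAX   64    /* assumed policy limit for a login name */
#define STACK_BUF_SIZE 512   /* assumed size of the internal username buffer */
#define POC_LEN        520   /* length of the 'A' buffer cited in the advisory */

/* Construct the kind of input the public PoC feeds to the login dialog:
 * len bytes of 'A' followed by a NUL. Caller frees the result. */
char *build_poc_username(size_t len)
{
    char *buf = malloc(len + 1);
    if (buf == NULL)
        return NULL;
    memset(buf, 'A', len);
    buf[len] = '\0';
    return buf;
}

/* Deliberately vulnerable pattern (CWE-120): the username is copied into a
 * fixed stack buffer with no length check, so a 520-byte input overruns the
 * assumed 512-byte frame and corrupts the stack. Shown for contrast only;
 * this example never calls it with an oversized string. */
int login_unsafe(const char *username)
{
    char local[STACK_BUF_SIZE];
    strcpy(local, username);              /* unbounded copy */
    return strcmp(local, "admin") == 0;
}

/* Hardened input validation (the SI-10 control on this page): bound the
 * length before touching the data, then restrict the character set.
 * Returns 0 if the username is acceptable and -1 if it must be rejected. */
int validate_username(const char *username, size_t *out_len)
{
    if (username == NULL)
        return -1;

    /* Bounded scan: stop as soon as the input exceeds USERNAME_MAX so an
     * oversized (or unterminated) buffer is never read to its end. */
    size_t n = 0;
    while (n <= USERNAME_MAX && username[n] != '\0')
        n++;
    if (n == 0 || n > USERNAME_MAX)
        return -1;                        /* too long: reject, do not copy */

    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)username[i];
        if (!isalnum(c) && c != '_' && c != '.' && c != '-' && c != '@')
            return -1;
    }
    if (out_len != NULL)
        *out_len = n;
    return 0;
}

/* Hardened login path: nothing is copied until validation has passed, and
 * the copy is bounded by the validated length. Returns 1 for a match on the
 * sample account, 0 for a well-formed name that does not match, and -1 when
 * the input was rejected. */
int login_safe(const char *username)
{
    size_t n;
    if (validate_username(username, &n) != 0)
        return -1;

    char local[USERNAME_MAX + 1];
    memcpy(local, username, n);
    local[n] = '\0';
    return strcmp(local, "admin") == 0 ? 1 : 0;
}

int main(void)
{
    char *poc = build_poc_username(POC_LEN);
    if (poc == NULL)
        return 1;
    printf("PoC input length: %zu\n", strlen(poc));
    printf("login_safe(PoC)     -> %d (rejected before any copy)\n", login_safe(poc));
    printf("login_safe(\"admin\") -> %d\n", login_safe("admin"));
    free(poc);
    return 0;
}
```

`login_safe` never reads past byte 65 of the input, so the 520-byte PoC string is rejected without a copy. If you do want to watch `login_unsafe` fail, build with `-fstack-protector` and pass it the PoC buffer: the overrun of the assumed 512-byte frame is then reported as stack smashing instead of an unexplained crash.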

Vulnerability details

Foscam Video Management System 1.1.4.9 contains a denial of service vulnerability in the username input field that allows attackers to crash the application. Attackers can overwrite the username with a 520-byte buffer of repeated 'A' characters to trigger an application crash during device login.

CWE(s)

CWE-120 Classic Buffer Overflow
Related Threats

MITRE ATT&CK Enterprise Techniques (AI-mapped)

T1499.004 Application or System Exploitation (tactic: Impact)
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.

Why these techniques?

A buffer overflow in the login input crashes the application outright, which is exactly the behaviour T1499.004 (Endpoint Denial of Service: Application or System Exploitation) describes.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-20115 (shared CWE-120)
CVE-2020-37205 (shared CWE-120)
CVE-2026-28875 (shared CWE-120)
CVE-2020-37194 (shared CWE-120)
CVE-2020-37180 (shared CWE-120)
CVE-2024-24419 (shared CWE-120)
CVE-2026-30075 (shared CWE-120)
CVE-2020-37213 (shared CWE-120)
CVE-2021-47798 (shared CWE-120)
CVE-2020-37215 (shared CWE-120)

Affected Assets

Foscam Video Management (inferred from references and description; NVD did not file a CPE for this CVE)

Mitigating Controls (NIST 800-53 r5, AI-mapped)

prevent · SI-10 Information Input Validation
Requires validation of username inputs so that oversized inputs such as the 520-byte buffer are rejected before they can trigger the buffer overflow and application crash.

prevent · SC-5 Denial-of-service Protection
Protects against denial-of-service events by limiting the effect of attacks that crash the application during login.

prevent
Enforces limits on input quantity, such as a maximum username length, to block buffer overflow attempts during device login.
