CVE-2019-25466
Published: 11 March 2026
Summary
CVE-2019-25466 is a high-severity Out-of-bounds Write (CWE-787) vulnerability. Its CVSS base score is 8.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 4.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2019-25466 is a local structured exception handling (SEH) buffer overflow vulnerability in Easy File Sharing Web Server 7.2. The flaw occurs when adding a new user account, allowing local attackers to execute arbitrary code by crafting a malicious username containing 4059 bytes of padding followed by an nseh value and SEH pointer to trigger the overflow. It is classified under CWE-787 (Out-of-bounds Write) with a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Local attackers with access to the affected system can exploit this vulnerability without requiring privileges (PR:N) or user interaction (UI:N). Successful exploitation enables arbitrary code execution, granting high-impact confidentiality, integrity, and availability compromises on the target system.
Details on the vulnerability, including exploit code, are documented in references such as https://www.exploit-db.com/exploits/47411 and https://www.vulncheck.com/advisories/easy-file-sharing-web-server-local-seh-overflow. No patch or mitigation details are specified in the CVE description.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2019-19737
Vulnerability details
Easy File Sharing Web Server 7.2 contains a local structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by creating a malicious username. Attackers can craft a username with a payload containing 4059 bytes of…
more
padding followed by a nseh value and seh pointer to trigger the overflow when adding a new user account.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Local SEH buffer overflow enabling arbitrary code execution on the target system directly facilitates exploitation for privilege escalation.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
SI-2 requires timely identification, reporting, and correction of system flaws like this buffer overflow vulnerability, directly eliminating the root cause by patching or replacing the affected software.
SI-10 mandates validation of information inputs such as usernames to ensure they are within expected lengths and formats, preventing the buffer overflow triggered by oversized malicious payloads.
SI-16 implements memory protections like DEP and ASLR that thwart exploitation of SEH buffer overflows by preventing arbitrary code execution from overwritten exception handlers.