Cyber Resilience

CVE-2025-70314

CriticalPublic PoC

Published: 12 February 2026

Published
12 February 2026
Modified
18 February 2026
KEV Added
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0045 35.7th percentile
Risk Priority 70 floored blend · peak EPSS

Summary

CVE-2025-70314 is a critical-severity Classic Buffer Overflow (CWE-120) vulnerability in Ourway Webfsd. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 35.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2025-70314 is a buffer overflow vulnerability in webfsd version 1.21, triggered by a crafted request that exploits improper handling of the filename variable. Classified under CWE-120, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), marking it as critical due to its potential for severe impact across confidentiality, integrity, and availability.

A remote, unauthenticated attacker can exploit this vulnerability over the network with low complexity and no user interaction required. Successful exploitation enables high-impact outcomes, including potential arbitrary code execution on the affected system.

Mitigation details and further technical analysis are available in the referenced advisory at https://gist.github.com/Err0rzz/3afe49f54e1121b8a08a69801b61cfcc and the project repository at https://github.com/ourway/webfsd. The CVE was published on 2026-02-12T20:16:03.133.

EU & UK References

Vulnerability details

webfsd 1.21 is vulnerable to a Buffer Overflow via a crafted request. This is due to the filename variable

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Buffer overflow in public-facing webfsd web server enables remote unauthenticated RCE via crafted requests, directly mapping to exploitation of public-facing applications.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-38426Shared CWE-120
CVE-2025-29329Shared CWE-120
CVE-2025-25567Shared CWE-120
CVE-2025-60553Shared CWE-120
CVE-2025-26005Shared CWE-120
CVE-2024-57482Shared CWE-120
CVE-2026-27459Shared CWE-120
CVE-2025-27836Shared CWE-120
CVE-2025-29137Shared CWE-120
CVE-2026-25994Shared CWE-120

Affected Assets

ourway
webfsd
1.21

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires validation of all information inputs, including crafted filename variables in requests, to directly prevent buffer overflow vulnerabilities.

prevent

Implements memory protection mechanisms like stack guards and non-executable stacks to mitigate exploitation of buffer overflows leading to arbitrary code execution.

prevent

Mandates timely identification, reporting, and remediation of flaws such as the buffer overflow in webfsd 1.21 to eliminate the vulnerability.

References