File Sharing Wizard version 1.5.0 build 2008 is affected by a Structured Exception Handler based buffer overflow vulnerability. An unauthenticated attacker is able to perform remote command execution and obtain a command shell by sending a HTTP GET request including the malicious payload in the URL. A similar issue to CVE-2019-17415, CVE-2019-16724, and CVE-2010-2331.
References
Link | Resource |
---|---|
http://0xhuesca.com/cve-2019-18655.html | Exploit Third Party Advisory |
https://www.0xhuesca.com/2019/11/cve-2019-18655.html | Exploit Third Party Advisory |
Configurations
History
10 Feb 2021, 13:53
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.0xhuesca.com/2019/11/cve-2019-18655.html - Exploit, Third Party Advisory |
11 Jan 2021, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2019-11-12 17:15
Updated : 2023-12-10 13:13
NVD link : CVE-2019-18655
Mitre link : CVE-2019-18655
CVE.ORG link : CVE-2019-18655
JSON object : View
Products Affected
upredsun
- file_sharing_wizard
CWE
CWE-787
Out-of-bounds Write