CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2018-18912
https://notcve.org/view.php?id=CVE-2018-18912
An issue was discovered in Easy File Sharing (EFS) Web Server 7.2. A stack-based buffer overflow vulnerability occurs when a malicious POST request has been made to forum.ghp upon creating a new topic in the forums, which allows remote attackers to execute arbitrary code. Se descubrió un problema en Easy File Sharing (EFS) Web Server 7.2. Una vulnerabilidad de desbordamiento de búfer basado en pila se produce cuando se ha realizado una petición POST maliciosa a forum.ghp al crear un nuevo tema en los foros, lo que permite a los atacantes remotos ejecutar código arbitrario. • https://github.com/notkisi/CVE-s/blob/master/CVE-2018-18912.py • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 34%CPEs: 1EXPL: 3CVE-2018-9059 – Easy File Sharing Web Server 7.2 - 'UserID' Remote Buffer Overflow (DEP Bypass)
https://notcve.org/view.php?id=CVE-2018-9059
Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 7.2 allows remote attackers to execute arbitrary code via a malicious login request to forum.ghp. NOTE: this may overlap CVE-2014-3791. Desbordamiento de búfer basado en pila en Easy File Sharing (EFS) Web Server 7.2 permite que atacantes remotos ejecuten código arbitrario mediante un inicio de sesión malicioso en forum.ghp. NOTA: podría solaparse con CVE-2014-3791. Easy File Sharing Web Server version 7.2 suffers from a buffer overflow vulnerability. • https://www.exploit-db.com/exploits/44522 https://www.exploit-db.com/exploits/44485 https://github.com/manojcode/easy-file-share-7.2-exploit-CVE-2018-9059 http://packetstormsecurity.com/files/147246/Easy-File-Sharing-Web-Server-7.2-Buffer-Overflow.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •