cbcvebase.
CVE-2025-34096
published 2025-07-10

CVE-2025-34096: A stack-based buffer overflow vulnerability exists in Easy File Sharing HTTP Server version 7.2. The flaw is triggered when a crafted POST request is sent to…

PriorityP267critical9.3CVSS 4.0
AVNACLATNPRNUINVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EXPLOIT
EPSS
1.08%
60.8th percentile
A stack-based buffer overflow vulnerability exists in Easy File Sharing HTTP Server version 7.2. The flaw is triggered when a crafted POST request is sent to the /sendemail.ghp endpoint containing an overly long Email parameter. The application fails to properly validate the length of this field, resulting in a memory corruption condition. An unauthenticated remote attacker can exploit this to execute arbitrary code with the privileges of the server process.

Affected

1 ranges
VendorProductVersion rangeFixed in
efs_software_inceasy_file_sharing_http_server

Detection & IOCsextracted from sources · hover to see the quote

url/sendemail.ghp
versionEasy File Sharing HTTP Server 7.2
  • Detect oversized POST body targeting the /sendemail.ghp endpoint — an unauthenticated attacker sends a crafted POST with an abnormally long Email parameter to trigger stack-based buffer overflow.
  • Monitor for unauthenticated POST requests to /sendemail.ghp on Easy File Sharing HTTP Server 7.2 instances, particularly those with unusually large Email field values indicative of buffer overflow attempts.
  • Metasploit module exists for this vulnerability targeting Easy File Sharing HTTP Server 7.2 via POST buffer overflow — presence of this module in use may be detected via known Metasploit payload signatures in network traffic.
  • ·The Metasploit module targets the Windows platform specifically; exploitation results in code execution with server process privileges on Windows hosts running Easy File Sharing HTTP Server 7.2.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.