CVE-2019-25660

Exploit

EPSS 0.02%
Veröffentlicht 05.04.2026 20:45:15
Zuletzt bearbeitet 20.04.2026 18:15:27
Quelle disclosure@vulncheck.com
CVE-Watchlists
Login
Unerledigt
Login

LanHelper 1.74 contains a local buffer overflow vulnerability that allows attackers to crash the application by sending excessively long input strings. Attackers can exploit the Form Send Message feature by pasting 6000 bytes of data into the Message text field to trigger a denial of service condition.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hainsoft ≫ Lanhelper Version <= 1.74

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.033

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
disclosure@vulncheck.com	6.9	0	0	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
disclosure@vulncheck.com	6.2	2.5	3.6	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://www.exploit-db.com/exploits/46295

Exploit

VDB Entry

http://www.hainsoft.com/

Broken Link

https://www.vulncheck.com/advisories/lanhelper-denial-of-service-via-buffer-overflow

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-25660

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-25660

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-25660

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2019-25660