Easy File Sharing Web Server Buffer Overflow Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A local buffer overflow vulnerability has been identified in Easy File Sharing Web Server version 7.2. The overflow overwrites a structured exception handling (SEH) record, allowing local attackers to execute arbitrary code. Exploitation involves creating a malicious username that includes a payload of 4059 bytes, followed by a next SEH record (nSEH) value and an SEH pointer. The overflow is triggered when the username is processed while adding a new user account.

Impact

Exploitation of this vulnerability leads to a local structured exception handling buffer overflow, allowing for arbitrary code execution.

Reproduction

To reproduce this vulnerability, create a username that includes 4059 bytes of padding followed by a crafted nSEH value and SEH pointer. Once the username is prepared, add a new user account in the application. The program will crash, indicating that the buffer overflow has been triggered.

Added: Mar 11, 2026, 7:40 PM
Updated: Mar 11, 2026, 7:40 PM

Vulnerability Rating

Custom Algorithm

spread: 1.0
impact: 10.0
exploitability: 4.8
remediation: 0.0
relevance: 3.8
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.