← back
CVE-2019-25660

LanHelper 1.74 Denial of Service via Buffer Overflow

CVSS 6.9 MEDIUMEPSS 0.2%CWE-787
LanHelper 1.74 contains a local buffer overflow vulnerability that allows attackers to crash the application by sending excessively long input strings. Attackers can exploit the Form Send Message feature by pasting 6000 bytes of data into the Message text field to trigger a denial of service condition.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected products
Hainsoft · LanHelper
public PoCs found1
cve_referencewww.exploit-db.com/exploits/46295unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.exploit-db.com/exploits/46295https://www.vulncheck.com/advisories/lanhelper-denial-of-service-via-buffer-overflowhttp://www.hainsoft.com/