Vulnerability Description
Control Center PRO 6.2.9 contains a stack-based buffer overflow vulnerability in the user creation module's username field that allows attackers to overwrite the Structured Exception Handler (SEH). Attackers can craft a malicious payload exceeding 664 bytes to inject shellcode and potentially execute arbitrary code on vulnerable Windows systems.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- http://www.webgateinc.com/wgi/eng/products/list.php?ec_idx1=P610
- http://www.webgateinc.com/wgi/eng/products/list.php?ec_idx1=P610&ptype=view&page
- https://www.exploit-db.com/exploits/47645
- https://www.vulncheck.com/advisories/control-center-pro-local-stack-based-buffer
FAQ
What is CVE-2019-25357?
CVE-2019-25357 is a vulnerability with a CVSS score of 8.4 (HIGH). Control Center PRO 6.2.9 contains a stack-based buffer overflow vulnerability in the user creation module's username field that allows attackers to overwrite the Structured Exception Handler (SEH). Attack...
How severe is CVE-2019-25357?
CVE-2019-25357 has been rated HIGH with a CVSS base score of 8.4/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2019-25357?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.