CVE-2025-34105
BaseFortify

Publication date: 2025-07-15

Last updated on: 2025-07-15

Assigner: VulnCheck

Description
A stack-based buffer overflow vulnerability exists in the built-in web interface of DiskBoss Enterprise versions 7.4.28, 7.5.12, and 8.2.14. The vulnerability arises from improper bounds checking on the path component of HTTP GET requests. By sending a specially crafted long URI, a remote unauthenticated attacker can trigger a buffer overflow, potentially leading to arbitrary code execution with SYSTEM privileges on vulnerable Windows hosts.

Meta Information
Published: 2025-07-15
Last Modified: 2025-07-15
Generated: 2026-05-07
AI Q&A: 2025-07-15
EPSS Evaluated: 2026-05-05

Affected Vendors & Products
Showing 3 associated CPEs

Vendor | Product | Version / Range
diskboss | diskboss_enterprise | 7.5.12
diskboss | diskboss_enterprise | 7.4.28
diskboss | diskboss_enterprise | 8.2.14

CWE ID | Description
CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer.
CWE-20 | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

AI Powered Q&A
How can this vulnerability impact me?

If exploited, this vulnerability can allow a remote unauthenticated attacker to execute arbitrary code on the affected system with SYSTEM privileges. This means the attacker can take full control of the Windows host running DiskBoss Enterprise, potentially leading to complete system compromise, data theft, disruption of services, or further network penetration. [1, 2, 3]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by sending specially crafted HTTP GET requests with overly long URI paths to the DiskBoss Enterprise web interface on port 80 and observing the response or behavior. One approach is to use a script or tool to send such requests and check for crashes or unexpected responses indicating a buffer overflow. For example, using netcat or curl to send a long GET request to the target host on port 80 could help detect the vulnerability. Additionally, the Metasploit module for this vulnerability performs automatic target detection by sending an initial HTTP GET request to the root URI and parsing the response body to identify the DiskBoss Enterprise version, which can be used to confirm if the system is vulnerable. [1, 2, 3]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include disabling the built-in web interface of DiskBoss Enterprise if it is not required, restricting network access to the management web-console to trusted hosts only, and applying any available patches or updates from the vendor that address this buffer overflow vulnerability. If patches are not available, consider using network-level protections such as firewalls or intrusion prevention systems to block or monitor suspicious HTTP GET requests with unusually long URI paths targeting port 80 on affected hosts.
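
One way to monitor for the unusually long URI paths mentioned above, as an added example that is not part of the original page: it scans access-log lines from a reverse proxy or web gateway placed in front of the host and flags GET requests whose path component exceeds a limit. The Common Log Format input, the 1024-byte threshold and the function name are assumptions, not values from the advisory.

```python
import re

# Assumed threshold: the page gives no overflow length, so this is a tunable
# policy value chosen well above normal management-console paths.
MAX_PATH_LEN = 1024

# Common/Combined Log Format up to the status field: "METHOD target PROTOCOL"
CLF = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)(?: (?P<proto>HTTP/[\d.]+))?" '
    r'(?P<status>\d{3}|-) '
)

def find_long_path_gets(lines, max_len=MAX_PATH_LEN):
    """Return one finding per GET whose path component exceeds max_len."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        m = CLF.match(line)
        if not m:
            # Unparseable lines deserve review too: an oversized request
            # can be truncated or mangled by the logger.
            findings.append({"line": lineno, "reason": "unparseable"})
            continue
        if m["method"] != "GET":
            continue
        # The advisory concerns the path component, so drop any query string.
        path = m["target"].split("?", 1)[0]
        if len(path) > max_len:
            findings.append({"line": lineno, "reason": "long_path",
                             "src": m["src"], "ts": m["ts"],
                             "path_len": len(path), "status": m["status"]})
    return findings

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE = [
    '192.0.2.10 - - [15/Jul/2025:10:00:01 +0000] "GET /login HTTP/1.1" 200 512',
    '198.51.100.7 - - [15/Jul/2025:10:00:05 +0000] "GET /' + "A" * 3000 + ' HTTP/1.1" - 0',
    '192.0.2.10 - - [15/Jul/2025:10:00:09 +0000] "GET /search?q=' + "b" * 3000 + ' HTTP/1.1" 200 90',
    '192.0.2.44 - - [15/Jul/2025:10:00:12 +0000] "POST /' + "C" * 3000 + ' HTTP/1.1" 404 0',
    'garbage line with no request section',
]

if __name__ == "__main__":
    for finding in find_long_path_gets(SAMPLE):
        print(finding)
```

A long query string on a short path is not flagged here, because the advisory attributes the overflow to the path component; lower `max_len` or extend the check if your gateway policy should cover the whole request target.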


Can you explain this vulnerability to me?

This vulnerability is a stack-based buffer overflow in the built-in web interface of DiskBoss Enterprise versions 7.4.28, 7.5.12, and 8.2.14. It occurs because the software does not properly check the length of the path component in HTTP GET requests. An attacker can send a specially crafted, excessively long URI in a GET request to trigger the overflow. This allows the attacker to overwrite parts of the stack, including the Structured Exception Handler (SEH), and execute arbitrary code remotely with SYSTEM-level privileges on vulnerable Windows hosts. [1, 2, 3]

