CVE-2019-25733
Deferred Deferred - Pending Action
NetShareWatcher 1.5.8.0 SEH Buffer Overflow via Restrictions Filter

Publication date: 2026-06-04

Last updated on: 2026-06-04

Assigner: VulnCheck

Description
NetShareWatcher 1.5.8.0 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input. Attackers can craft a payload with overwritten SEH and NSEH pointers through the Restrictions custom filter field to trigger code execution when the Find function is invoked.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-04
Last Modified
2026-06-04
Generated
2026-06-25
AI Q&A
2026-06-04
EPSS Evaluated
2026-06-23
NVD
CVE-2019-25733
EUVD
EUVD-2019-20169
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
netsharewatcher netsharewatcher 1.5.8.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-120 The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The provided information does not include any details on how the vulnerability in NetShareWatcher 1.5.8.0 affects compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

CVE-2019-25733 is a structured exception handler (SEH) buffer overflow vulnerability in NetShareWatcher version 1.5.8.0 and earlier. It allows local attackers to execute arbitrary code by supplying malicious input through the Restrictions custom filter field. The attacker crafts a payload that overwrites SEH and NSEH pointers, which triggers code execution when the Find function is invoked.

The exploit involves sending a specially crafted input that overwrites the SEH chain, including a short jump instruction and a return address, enabling execution of attacker-controlled code such as launching arbitrary programs.

Impact Analysis

This vulnerability can allow a local attacker to execute arbitrary code on the affected system with the privileges of the user running NetShareWatcher. This could lead to unauthorized actions such as running malicious software, gaining further access, or disrupting normal operations.

Because the exploit can trigger code execution, it poses a significant security risk including potential denial of service or full compromise of the affected machine.

Detection Guidance

This vulnerability can be detected by identifying if NetShareWatcher version 1.5.8.0 or earlier is installed and in use on the system, as the vulnerability is triggered locally through the Restrictions custom filter field when the Find function is invoked.

Since the exploit involves supplying a malicious payload to the Restrictions custom filter field, detection can involve monitoring or auditing the inputs to this field for suspicious or unusually long strings that could overwrite SEH and NSEH pointers.

There are no specific commands provided in the resources to detect the vulnerability directly on the network or system.

Mitigation Strategies

Immediate mitigation steps include restricting local user access to NetShareWatcher 1.5.8.0 or earlier versions, as the vulnerability requires local attacker access.

Avoid using or entering untrusted or malformed input in the Restrictions custom filter field, especially inputs that could be crafted to overwrite SEH and NSEH pointers.

If possible, upgrade to a version of NetShareWatcher that has patched this vulnerability or apply any available security updates from the vendor.

Monitor and audit usage of the Find function and inputs to the Restrictions filter to detect any attempts to exploit the vulnerability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2019-25733. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart