{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2019-25607", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-03-22T13:14:15.419Z", "datePublished": "2026-03-22T13:38:41.830Z", "dateUpdated": "2026-03-23T16:16:24.289Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-22T13:38:41.830Z"}, "title": "Axessh 4.2 Local Stack-based Buffer Overflow via Log File Name", "descriptions": [{"lang": "en", "value": "Axessh 4.2 contains a stack-based buffer overflow vulnerability in the log file name field that allows local attackers to execute arbitrary code by supplying an excessively long filename. Attackers can overflow the buffer at offset 214 bytes to overwrite the instruction pointer and execute shellcode with system privileges."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Out-of-bounds Write", "cweId": "CWE-787", "type": "CWE"}]}], "affected": [{"vendor": "Labf", "product": "Axessh", "versions": [{"version": "4.2", "status": "affected"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 8.6, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.exploit-db.com/exploits/46922", "name": "ExploitDB-46922", "tags": ["exploit"]}, {"url": "http://www.labf.com", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "http://www.labf.com/download/axessh.exe", "name": "Product Reference", "tags": ["product"]}, {"url": "https://www.exploit-db.com/exploits/46858", "name": "Exploit DB", "tags": ["exploit"]}, {"url": "https://www.exploit-db.com/shellcodes/46281", "name": "Exploit DB", "tags": ["exploit"]}, {"name": "VulnCheck Advisory: Axessh 4.2 Local Stack-based Buffer Overflow via Log File Name", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/axessh-local-stack-based-buffer-overflow-via-log-file-name"}], "credits": [{"lang": "en", "value": "Uday Mittal (https://github.com/yaksas443/YaksasCSC-Lab/)", "type": "finder"}], "x_generator": {"engine": "vulncheck"}, "datePublic": "2019-05-24T00:00:00.000Z"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-23T16:16:14.383679Z", "id": "CVE-2019-25607", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-23T16:16:24.289Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "Axessh 4.2 Local Stack-based Buffer Overflow via Log File Name", "credits": [{"lang": "en", "type": "finder", "value": "Uday Mittal (https://github.com/yaksas443/YaksasCSC-Lab/)"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.6, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Labf", "product": "Axessh", "versions": [{"status": "affected", "version": "4.2"}]}], "datePublic": "2019-05-24T00:00:00.000Z", "references": [{"url": "https://www.exploit-db.com/exploits/46922", "name": "ExploitDB-46922", "tags": ["exploit"]}, {"url": "http://www.labf.com", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "http://www.labf.com/download/axessh.exe", "name": "Product Reference", "tags": ["product"]}, {"url": "https://www.exploit-db.com/exploits/46858", "name": "Exploit DB", "tags": ["exploit"]}, {"url": "https://www.exploit-db.com/shellcodes/46281", "name": "Exploit DB", "tags": ["exploit"]}, {"url": "https://www.vulncheck.com/advisories/axessh-local-stack-based-buffer-overflow-via-log-file-name", "name": "VulnCheck Advisory: Axessh 4.2 Local Stack-based Buffer Overflow via Log File Name", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "Axessh 4.2 contains a stack-based buffer overflow vulnerability in the log file name field that allows local attackers to execute arbitrary code by supplying an excessively long filename. Attackers can overflow the buffer at offset 214 bytes to overwrite the instruction pointer and execute shellcode with system privileges."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-22T13:38:41.830Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2019-25607", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-23T16:16:14.383679Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2026-03-23T16:16:20.826Z"}}]}, "cveMetadata": {"cveId": "CVE-2019-25607", "state": "PUBLISHED", "dateUpdated": "2026-03-22T13:38:41.830Z", "dateReserved": "2026-03-22T13:14:15.419Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-03-22T13:38:41.830Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Axessh 4.2 contains a stack-based buffer overflow vulnerability in the log file name field that allows local attackers to execute arbitrary code by supplying an excessively long filename. Attackers can overflow the buffer at offset 214 bytes to overwrite the instruction pointer and execute shellcode with system privileges."}, {"lang": "es", "value": "Axessh 4.2 contiene una vulnerabilidad de desbordamiento de b\u00fafer basado en pila en el campo del nombre del archivo de registro que permite a atacantes locales ejecutar c\u00f3digo arbitrario al proporcionar un nombre de archivo excesivamente largo. Los atacantes pueden desbordar el b\u00fafer en el desplazamiento de 214 bytes para sobrescribir el puntero de instrucci\u00f3n y ejecutar shellcode con privilegios de sistema."}], "id": "CVE-2019-25607", "lastModified": "2026-04-16T16:19:50.757", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.9, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-03-22T14:16:28.620", "references": [{"source": "disclosure@vulncheck.com", "url": "http://www.labf.com"}, {"source": "disclosure@vulncheck.com", "url": "http://www.labf.com/download/axessh.exe"}, {"source": "disclosure@vulncheck.com", "url": "https://www.exploit-db.com/exploits/46858"}, {"source": "disclosure@vulncheck.com", "url": "https://www.exploit-db.com/exploits/46922"}, {"source": "disclosure@vulncheck.com", "url": "https://www.exploit-db.com/shellcodes/46281"}, {"source": "disclosure@vulncheck.com", "url": "https://www.vulncheck.com/advisories/axessh-local-stack-based-buffer-overflow-via-log-file-name"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "4.2"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Axessh", "source": "cna", "vendor": "Labf"}, "product": "axessh", "vendor": "labf"}], "analysis": {"en": {"generated_at": "2026-03-22T14:39:27.509584+00:00", "value": {"mitigation_remediation": ["Immediately reinstall or upgrade to a patched version of Axessh (if vendor releases an update).", "Restrict write access to the directory holding Axessh\u2019s log files, ensuring only trusted users can write there.", "If an upgrade is unavailable, avoid creating log files with excessively long names or disable logging that allows arbitrary filenames.", "Keep the system\u2019s other security controls up to date, such as SELinux or AppArmor profiles.", "Monitor the application logs for anomalous activity and seek vendor notification."], "summary": {"action": "Immediate Patching", "impact": "Local Arbitrary Code Execution"}, "threat_synthesis": {"affected_systems": "Affected product is Axessh 4.2 from the vendor Labf. No further sub\u2011versions are listed, so all releases identified as 4.2 are susceptible unless a patch has been applied.", "description_and_impact": "The vulnerability is a stack\u2011based buffer overflow in the log file name field of Axessh 4.2. By supplying a filename longer than the allocated buffer, an attacker can overwrite the return pointer at an offset of 214 bytes. This allows execution of attacker\u2011controlled shellcode with system privileges, giving full control of the host the application runs on. The weakness is identified as CWE\u2011787 and rated high severity.", "risk_and_exploitability": "With a CVSS score of 8.6, this flaw is considered significant. The exploit requires local access; EPSS data is not available, and the vulnerability is not currently included in the CISA KEV catalog, suggesting no known widespread exploitation. Nevertheless, local attackers with the ability to create log file names can immediately trigger the buffer overflow, making the risk high for unattended systems."}}}}, "created": "2026-03-23T09:46:13.191439+00:00", "updated": "2026-03-25T14:46:09.324753+00:00", "vendors": ["labf", "labf$PRODUCT$axessh"]}