Unknown · Easy File Sharing Ftp Server · CVE-2025-34096
**Name of the Vulnerable Software and Affected Versions:**
Easy File Sharing HTTP Server version 7.2
**Description:**
A stack-based buffer overflow vulnerability exists in the application. The flaw is triggered when a crafted POST request is sent to the `/sendemail.ghp` endpoint containing an overly long `Email` parameter. The application fails to properly validate the length of this field, resulting in a memory corruption condition. An unauthenticated remote attacker can exploit this to execute arbitrary code with the privileges of the server process.
**Recommendations:**
Easy File Sharing HTTP Server version 7.2: As a temporary workaround, consider disabling the `/sendemail.ghp` endpoint until a patch is available.