CVE-2025-34096

Name of the Vulnerable Software and Affected Versions: Easy File Sharing HTTP Server version 7.2

Description: A stack-based buffer overflow vulnerability exists in the application. The flaw is triggered when a crafted POST request is sent to the /sendemail.ghp endpoint containing an overly long Email parameter. The application fails to properly validate the length of this field, resulting in a memory corruption condition. An unauthenticated remote attacker can exploit this to execute arbitrary code with the privileges of the server process.

Recommendations: Easy File Sharing HTTP Server version 7.2: As a temporary workaround, consider disabling the /sendemail.ghp endpoint until a patch is available.