PT-2025-29550 · Unknown · Libspp.Dll+1
Tulpa Security
·
Published
2025-07-15
·
Updated
2025-07-15
·
CVE-2025-34108
CVSS v4.0
8.6
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Disk Pulse Enterprise version 9.0.34
Description
A stack-based buffer overflow exists in the login functionality. An attacker can send a specially crafted HTTP POST request to the
/login endpoint with an overly long username parameter, causing a buffer overflow in the libspp.dll component. Successful exploitation allows arbitrary code execution with SYSTEM privileges.Recommendations
Disk Pulse Enterprise version 9.0.34: As a temporary workaround, consider restricting the length of the
username parameter in the /login endpoint to prevent excessively long input.Exploit
Fix
Stack Overflow
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Diskpulse Enterprise
Libspp.Dll