A stack-based buffer overflow vulnerability exists in the built-in web interface of DiskBoss Enterprise versions 7.4.28, 7.5.12, and 8.2.14. The vulnerability arises from improper bounds checking on the path component of HTTP GET requests. By sending a specially crafted long URI, a remote unauthenticated attacker can trigger a buffer overflow, potentially leading to arbitrary code execution with SYSTEM privileges on vulnerable Windows hosts.
The vulnerability results from improper bounds checking in the HTTP GET request path component directed to the application's built-in web server. Sending a specially crafted, excessively long URI causes a stack-based buffer overflow. This allows an attacker to overwrite control data on the stack and seize program execution control without requiring authentication.
An attacker can achieve arbitrary code execution (RCE) with SYSTEM account privileges on a vulnerable Windows host, gaining full control over the operating system.
Apply patches available from the vendor according to references. As an interim measure, it is recommended to block access to the DiskBoss Enterprise built-in web interface from external networks and untrusted internal network segments, for example using a firewall or ACL rules.
DiskBoss Enterprise versions 7.4.28, 7.5.12, and 8.2.14 running on Windows systems.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X