{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2019-25681", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-04-05T13:33:54.194Z", "datePublished": "2026-04-05T20:45:31.303Z", "dateUpdated": "2026-04-06T18:24:46.806Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-05T20:45:31.303Z"}, "datePublic": "2019-02-24T00:00:00.000Z", "title": "Xlight FTP Server 3.9.1 SEH Overwrite Buffer Overflow", "descriptions": [{"lang": "en", "value": "Xlight FTP Server 3.9.1 contains a structured exception handler (SEH) overwrite vulnerability that allows local attackers to crash the application and overwrite SEH pointers by supplying a crafted buffer string. Attackers can inject a 428-byte payload through the program execution field in virtual server configuration to trigger a buffer overflow that corrupts the SEH chain and enables potential code execution."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Out-of-bounds Write", "cweId": "CWE-787", "type": "CWE"}]}], "affected": [{"vendor": "Xlightftpd", "product": "Xlight", "versions": [{"version": "3.9.1", "status": "affected"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:xlightftpd:xlight_ftp:3.9.1:*:*:*:*:*:*:*"}]}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 8.6, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.exploit-db.com/exploits/46458", "name": "ExploitDB-46458", "tags": ["exploit"]}, {"url": "https://www.xlightftpd.com/index.htm", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "https://www.xlightftpd.com/download/xlight.zip", "name": "Product Reference", "tags": ["product"]}, {"name": "VulnCheck Advisory: Xlight FTP Server 3.9.1 SEH Overwrite Buffer Overflow", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/xlight-ftp-server-seh-overwrite-buffer-overflow"}], "credits": [{"lang": "en", "value": "Logan Whitmire", "type": "finder"}], "x_generator": {"engine": "vulncheck"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-06T18:24:01.127284Z", "id": "CVE-2019-25681", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T18:24:46.806Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2019-25681", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-06T18:24:01.127284Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T18:24:38.514Z"}}], "cna": {"title": "Xlight FTP Server 3.9.1 SEH Overwrite Buffer Overflow", "credits": [{"lang": "en", "type": "finder", "value": "Logan Whitmire"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.6, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Xlightftpd", "product": "Xlight", "versions": [{"status": "affected", "version": "3.9.1"}]}], "datePublic": "2019-02-24T00:00:00.000Z", "references": [{"url": "https://www.exploit-db.com/exploits/46458", "name": "ExploitDB-46458", "tags": ["exploit"]}, {"url": "https://www.xlightftpd.com/index.htm", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "https://www.xlightftpd.com/download/xlight.zip", "name": "Product Reference", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/xlight-ftp-server-seh-overwrite-buffer-overflow", "name": "VulnCheck Advisory: Xlight FTP Server 3.9.1 SEH Overwrite Buffer Overflow", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "Xlight FTP Server 3.9.1 contains a structured exception handler (SEH) overwrite vulnerability that allows local attackers to crash the application and overwrite SEH pointers by supplying a crafted buffer string. Attackers can inject a 428-byte payload through the program execution field in virtual server configuration to trigger a buffer overflow that corrupts the SEH chain and enables potential code execution."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "Out-of-bounds Write"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:xlightftpd:xlight_ftp:3.9.1:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-05T20:45:31.303Z"}}}, "cveMetadata": {"cveId": "CVE-2019-25681", "state": "PUBLISHED", "dateUpdated": "2026-04-06T18:24:46.806Z", "dateReserved": "2026-04-05T13:33:54.194Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-04-05T20:45:31.303Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Xlight FTP Server 3.9.1 contains a structured exception handler (SEH) overwrite vulnerability that allows local attackers to crash the application and overwrite SEH pointers by supplying a crafted buffer string. Attackers can inject a 428-byte payload through the program execution field in virtual server configuration to trigger a buffer overflow that corrupts the SEH chain and enables potential code execution."}], "id": "CVE-2019-25681", "lastModified": "2026-04-07T13:20:35.010", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.9, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-04-05T21:16:46.457", "references": [{"source": "disclosure@vulncheck.com", "url": "https://www.exploit-db.com/exploits/46458"}, {"source": "disclosure@vulncheck.com", "url": "https://www.vulncheck.com/advisories/xlight-ftp-server-seh-overwrite-buffer-overflow"}, {"source": "disclosure@vulncheck.com", "url": "https://www.xlightftpd.com/download/xlight.zip"}, {"source": "disclosure@vulncheck.com", "url": "https://www.xlightftpd.com/index.htm"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "3.9.1"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Xlight", "source": "cna", "vendor": "Xlightftpd"}, "product": "xlight_ftp", "vendor": "xlightftpd"}], "analysis": {"en": {"generated_at": "2026-04-05T23:22:35.944614+00:00", "value": {"mitigation_remediation": ["Upgrade Xlight FTP Server to a version that addresses the SEH overwrite buffer overflow.", "If an upgrade is not immediately possible, restrict local access to the virtual server configuration or disable the program execution field to prevent the malformed payload from being processed.", "Consider replacing the vulnerable FTP server with a supported alternative that receives regular security updates.", "Monitor system logs for abnormal activity that may indicate attempts to exploit the configuration field."], "summary": {"action": "Patch immediately", "impact": "Local code execution via SEH overwrite"}, "threat_synthesis": {"affected_systems": "The affected product is Xlight FTP Server version 3.9.1 from the vendor Xlight. The vulnerability resides in the configuration handling for virtual servers and can affect any installation running this version. No other versions or additional products are listed as affected in the CNA data.", "description_and_impact": "Xlight FTP Server 3.9.1 contains a buffer overflow that overwrites the structured exception handler pointers when a specially crafted 428\u2011byte payload is supplied in the program execution field of a virtual server configuration. The overflow corrupts the SEH chain and can give an attacker the ability to inject and execute code in the process, resulting in loss of integrity and confidentiality for the system. The vulnerability is classified with a CVSS score of eight point six, indicating a high\u2011severity flaw that could be leveraged for local code execution. This weakness corresponds to the type of vulnerability identified by CWE\u2011787, an improper restriction of operations within buffer limits.", "risk_and_exploitability": "The CVSS score of 8.6 highlights the serious risk posed by this flaw. Exploitation requires local access with the ability to modify virtual server configuration, which may be achievable by users with privileged or local administrative rights. No EPSS score is available, and the vulnerability is not listed in CISA\u2019s Known Exploited Vulnerabilities catalog, implying that widespread commercial exploitation is not currently documented. Nonetheless, the local attack vector combined with the high potential for arbitrary code execution makes the threat significant for systems that expose the vulnerable configuration fields."}}}}, "created": "2026-04-06T20:22:36.444938+00:00", "updated": "2026-04-06T21:48:28.832928+00:00", "vendors": ["xlightftpd", "xlightftpd$PRODUCT$xlight_ftp"]}