CVE-2018-18912

CRITICAL

Easy File Sharing Web Server 7.2 - Remote Code Execution via Forum Topic Creation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-18912. PoCs published by TheMalwareGuardian.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2018-18912, a stack-based buffer overflow (SEH) in Easy File Sharing Web Server 7.2. The exploit includes multiple Python scripts demonstrating the full exploitation chain, from crash triggering to shellcode execution.

Description

An issue was discovered in Easy File Sharing (EFS) Web Server 7.2. A stack-based buffer overflow vulnerability occurs when a malicious POST request has been made to forum.ghp upon creating a new topic in the forums, which allows remote attackers to execute arbitrary code.

Exploits (1)

nomisec WORKING POC
by TheMalwareGuardian · poc
https://github.com/TheMalwareGuardian/CVE-2018-18912

This repository contains a functional exploit for CVE-2018-18912, a stack-based buffer overflow (SEH) in Easy File Sharing Web Server 7.2. The exploit includes multiple Python scripts demonstrating the full exploitation chain, from crash triggering to shellcode execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Easy File Sharing Web Server 7.2
Auth required
Prerequisites: authenticated session · network access to target
devstral-2 · analyzed Mar 17, 2026 Full analysis →

References (1)

Core 1
Core References

Scores

CVSS v3 9.8
EPSS 0.0350
EPSS Percentile 87.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (1)
sharing-file/easy_file_sharing_web_server 7.2
Published May 13, 2019
Tracked Since Feb 18, 2026