CVE-2019-17424

HIGH

nipper-ng 0.11.10 - Remote Code Execution or Denial of Service via Crafted Firewall Configuration File

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2019-17424. PoCs published by Guy Levin, mavlevin.

AI-analyzed exploit summary This exploit leverages a buffer overflow in nipper-ng 0.11.10 to achieve remote code execution by overwriting return addresses and injecting a shell command into a controlled memory location. The payload is crafted to bypass space restrictions and align memory addresses for reliable exploitation.

Description

A stack-based buffer overflow in the processPrivilage() function in IOS/process-general.c in nipper-ng 0.11.10 allows remote attackers (serving firewall configuration files) to achieve Remote Code Execution or Denial Of Service via a crafted file.

Exploits (3)

exploitdb WORKING POC
by Guy Levin · pythonremotelinux
https://www.exploit-db.com/exploits/47673

This exploit leverages a buffer overflow in nipper-ng 0.11.10 to achieve remote code execution by overwriting return addresses and injecting a shell command into a controlled memory location. The payload is crafted to bypass space restrictions and align memory addresses for reliable exploitation.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: nipper-ng 0.11.10
No auth needed
Prerequisites: Network access to the target service · nipper-ng 0.11.10 running on a vulnerable system
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC 5 stars
by mavlevin · poc
https://github.com/mavlevin/CVE-2019-17424

This repository contains a functional exploit for CVE-2019-17424, a stack-based buffer overflow in nipper-ng 0.11.10. The exploit generates a malicious input file that triggers arbitrary command execution by overwriting the return address and redirecting execution to a system() call with attacker-controlled arguments.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: nipper-ng 0.11.10
No auth needed
Prerequisites: Access to execute nipper-ng with a crafted input file · Environment variable LD_BIND_NOW=1 may be required on certain systems
devstral-2 · analyzed Feb 19, 2026 Full analysis →
inthewild WORKING POC
poc
https://github.com/guywhataguy/cve-2019-17424

This repository contains a functional exploit for CVE-2019-17424, a stack-based buffer overflow in nipper-ng 0.11.10. The exploit generates a malicious input file that triggers arbitrary command execution by overwriting the return address and redirecting execution to a system() call with attacker-controlled arguments.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: nipper-ng 0.11.10
No auth needed
Prerequisites: victim must process the malicious input file with nipper-ng
devstral-2 · analyzed Feb 23, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory x_refsource_misc
https://twitter.com/va_start
Exploit, Third Party Advisory x_refsource_misc
https://blog.vastart.dev/2019/10/stack-overflow-cve-2019-17424.html
Third Party Advisory x_refsource_misc
https://github.com/guywhataguy/CVE-2019-17424

Scores

CVSS v3 7.8
EPSS 0.3130
EPSS Percentile 96.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (1)
nipper-ng_project/nipper-ng 0.11.10
Published Oct 22, 2019
Tracked Since Feb 18, 2026