CVE-2019-25626

HIGH

River Past Cam Do 3.7.6 Local Buffer Overflow in Activation Code

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-25626. PoCs published by Chris Au.

AI-analyzed exploit summary: This is a functional local buffer overflow exploit for River Past Cam Do 3.7.6, leveraging a structured exception handler (SEH) overwrite to achieve arbitrary code execution (calc.exe). The exploit generates a malicious activation code file that triggers the vulnerability when pasted into the application.

Description

River Past Cam Do 3.7.6 contains a local buffer overflow vulnerability in the activation code input field that allows local attackers to execute arbitrary code by supplying a malicious activation code string. Attackers can craft a buffer containing 608 bytes of junk data followed by shellcode and SEH chain overwrite values to trigger code execution when the activation dialog processes the input.

Exploits (1)

exploitdb WORKING POC
by Chris Au · python · local · windows
https://www.exploit-db.com/exploits/46670

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: River Past Cam Do 3.7.6
No auth needed
Prerequisites: Victim must paste the malicious activation code into the application
devstral-2 · analyzed Mar 24, 2026

References (4)

Core References
Exploit: ExploitDB-46670
https://www.exploit-db.com/exploits/46670
Product: Official Product Homepage
http://www.flexhex.com
Third Party Advisory: VulnCheck Advisory: River Past Cam Do 3.7.6 Local Buffer Overflow in Activation Code
https://www.vulncheck.com/advisories/river-past-cam-do-local-buffer-overflow-in-activation-code

Scores

CVSS v3: 8.4
EPSS: 0.0024
EPSS Percentile: 15.2%
Attack Vector: LOCAL
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: total

Details

CWE: CWE-434
Status: published
Products (2):
Flexhex/River Past Cam Do 3.7.6
river_past_cam_do_project/river_past_cam_do < 3.7.6
Published: Mar 24, 2026
Tracked Since: Mar 24, 2026