CVE-2019-25628

CRITICAL

Download Accelerator Plus DAP 10.0.6.0 SEH Buffer Overflow

Title source: cna

Description

Download Accelerator Plus DAP 10.0.6.0 contains a structured exception handler buffer overflow vulnerability that allows remote attackers to execute arbitrary code by crafting malicious URLs. Attackers can create specially crafted URLs with overflowing buffer data that overwrites SEH pointers and executes embedded shellcode when imported through the application's web page import functionality.

Exploits (1)

exploitdb WORKING POC

by Peyman Forouzan · pythonlocalwindows

https://www.exploit-db.com/exploits/46673

View Code ZIP pw:eip

References (4)

[Exploit] https://www.exploit-db.com/exploits/46673

[Product] http://www.speedbit.com/dap/

[Product] http://www.speedbit.com/dap/download/downloading.asp

[Third Party Advisory] https://www.vulncheck.com/advisories/download-accelerator-plus-dap-seh-buffer-overflow

Scores

CVSS v3 9.8

EPSS 0.0024

EPSS Percentile 47.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-787

Status published

Products (1)

Speedbit/Download Accelerator Plus DAP 10.0.6.0 #

Published Mar 24, 2026

Tracked Since Mar 24, 2026