CVE-2019-25733

HIGH

NetShareWatcher 1.5.8.0 SEH Buffer Overflow

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-25733. PoCs published by Peyman Forouzan.

AI-analyzed exploit summary This exploit demonstrates a SEH-based buffer overflow in NetShareWatcher 1.5.8.0, leveraging a crafted payload to achieve remote code execution (RCE) via a malicious input in the 'Restrictions' settings. The payload includes a NOP sled, SEH overwrite, and shellcode to spawn calc.exe.

Description

NetShareWatcher 1.5.8.0 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input. Attackers can craft a payload with overwritten SEH and NSEH pointers through the Restrictions custom filter field to trigger code execution when the Find function is invoked.

Exploits (1)

exploitdb WORKING POC

by Peyman Forouzan · pythonlocalwindows

https://www.exploit-db.com/exploits/46578

View Code ZIP pw:eip

This exploit demonstrates a SEH-based buffer overflow in NetShareWatcher 1.5.8.0, leveraging a crafted payload to achieve remote code execution (RCE) via a malicious input in the 'Restrictions' settings. The payload includes a NOP sled, SEH overwrite, and shellcode to spawn calc.exe.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: NetShareWatcher 1.5.8.0

No auth needed

Prerequisites: NetShareWatcher 1.5.8.0 installed on Windows XP SP2/SP3 · Ability to paste malicious input into the 'Restrictions' settings

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Jun 04, 2026 Full analysis →

References (4)

Core 4

Core References

Exploit exploit

ExploitDB-46578

https://www.exploit-db.com/exploits/46578

Product product

Official Product Homepage

http://netsharewatcher.nsauditor.com

Product product

Product Reference

http://netsharewatcher.nsauditor.com/downloads/NetShareWatcher_setup.exe

Third Party Advisory third-party-advisory

VulnCheck Advisory: NetShareWatcher 1.5.8.0 SEH Buffer Overflow

https://www.vulncheck.com/advisories/netsharewatcher-seh-buffer-overflow

Scores

CVSS v3 8.4

EPSS 0.0015

EPSS Percentile 4.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-120

Status published

Products (1)

nsauditor/NetShareWatcher 1.5.8.0

Published Jun 04, 2026

Tracked Since Jun 04, 2026