Description
A stack-based buffer overflow vulnerability exists in the login functionality of Disk Pulse Enterprise version 9.0.34. An attacker can send a specially crafted HTTP POST request to the /login endpoint with an overly long username parameter, causing a buffer overflow in the libspp.dll component. Successful exploitation allows arbitrary code execution with SYSTEM privileges.
Published: 2025-07-15
Score: 8.6 High
EPSS: 58.5% High
KEV: No
Impact: Remote Code Execution with SYSTEM privileges
Action: Immediate Patch
AI Analysis

Impact

The vulnerability is a stack-based buffer overflow triggered by an excessively long username in a login request. The overflow occurs in the libspp.dll component when processing the /login HTTP endpoint, allowing an attacker to overwrite control data and execute arbitrary code with SYSTEM privileges. This capability yields full compromise of the affected system.

Affected Systems

Falconstor Software’s Disk Pulse Enterprise, version 9.0.34, is affected.

Risk and Exploitability

The CVSS score of 8.6 and an EPSS of 58% indicate a high likelihood of exploitation. This is a remote exploitation scenario, where an attacker can remotely target the web application by sending a crafted POST request. An active exploit is available in Metasploit, confirming that attackers can achieve local privilege escalation to SYSTEM. The vulnerability is not listed in CISA KEV, but its severity and exploitability remain high.

Generated by OpenCVE AI on April 28, 2026 at 01:07 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Disk Pulse Enterprise to a version that removes the buffer overflow vulnerability.
  • Restrict network access to the /login endpoint, allowing only trusted IPs or internal hosts to reach the service.
  • Apply input validation to enforce an upper bound on the username length on the server side, or use a Web Application Firewall that blocks anomalous payloads.
  • Monitor application logs for abnormal POST requests and enforce rate limiting on login attempts.

Generated by OpenCVE AI on April 28, 2026 at 01:07 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-21435 A stack-based buffer overflow vulnerability exists in the login functionality of Disk Pulse Enterprise version 9.0.34. An attacker can send a specially crafted HTTP POST request to the /login endpoint with an overly long username parameter, causing a buffer overflow in the libspp.dll component. Successful exploitation allows arbitrary code execution with SYSTEM privileges.
History

Wed, 16 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00204}

Tue, 15 Jul 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 15 Jul 2025 13:15:00 +0000

Type Values Removed Values Added
Description A stack-based buffer overflow vulnerability exists in the login functionality of Disk Pulse Enterprise version 9.0.34. An attacker can send a specially crafted HTTP POST request to the /login endpoint with an overly long username parameter, causing a buffer overflow in the libspp.dll component. Successful exploitation allows arbitrary code execution with SYSTEM privileges.
Title Disk Pulse Enterprise 9.0.34 Login Stack Buffer Overflow
Weaknesses CWE-121
CWE-20
References
Metrics cvssV4_0

{'score': 8.6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-07T14:09:35.626Z

Reserved: 2025-04-15T19:15:22.560Z

Link: CVE-2025-34108

cve-icon Vulnrichment

Updated: 2025-07-15T13:40:11.265Z

cve-icon NVD

Status : Deferred

Published: 2025-07-15T13:15:30.527

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-34108

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T01:15:15Z

Weaknesses