← back
CVE-2019-25628

Download Accelerator Plus DAP 10.0.6.0 SEH Buffer Overflow

CVSS 9.3 CRITICALEPSS 0.8%CWE-787
Vexday Risk Score
28Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 9.3EPSS 0.8%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
24 Mar 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Download Accelerator Plus DAP 10.0.6.0 contains a structured exception handler buffer overflow vulnerability that allows remote attackers to execute arbitrary code by crafting malicious URLs. Attackers can create specially crafted URLs with overflowing buffer data that overwrites SEH pointers and executes embedded shellcode when imported through the application's web page import functionality.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N