CVE-2019-25660 PUBLISHED

LanHelper 1.74 Denial of Service via Buffer Overflow

Assigner: VulnCheck
Reserved: 05.04.2026 Published: 05.04.2026 Updated: 05.04.2026

LanHelper 1.74 contains a local buffer overflow vulnerability that allows attackers to crash the application by sending excessively long input strings. Attackers can exploit the Form Send Message feature by pasting 6000 bytes of data into the Message text field to trigger a denial of service condition.

Metrics

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
CVSS Score: 6.9

Product Status

Vendor Hainsoft
Product LanHelper
Versions
  • Version 1.74 is affected

Credits

  • Rafael Pedrero finder

References

Problem Types

  • Out-of-bounds Write CWE