CVE-2025-34108: CWE-121 Stack-based Buffer Overflow in Falconstor Software Disk Pulse Enterprise
A stack-based buffer overflow vulnerability exists in the login functionality of Disk Pulse Enterprise version 9.0.34. An attacker can send a specially crafted HTTP POST request to the /login endpoint with an overly long username parameter, causing a buffer overflow in the libspp.dll component. Successful exploitation allows arbitrary code execution with SYSTEM privileges.
AI Analysis
Technical Summary
This vulnerability is a stack-based buffer overflow (CWE-121) in Disk Pulse Enterprise 9.0.34's login process. An attacker can exploit this by sending a crafted HTTP POST request to the /login endpoint containing an excessively long username parameter, causing a buffer overflow in the libspp.dll library. This overflow enables arbitrary code execution with SYSTEM-level privileges, posing a critical risk to affected systems. The vulnerability is remotely exploitable without authentication and requires user interaction (UI:A). The CVSS 4.0 vector indicates network attack vector, low attack complexity, no privileges required, but user interaction needed, and high impact on confidentiality, integrity, and availability.
Potential Impact
Successful exploitation results in arbitrary code execution with SYSTEM privileges, allowing full control over the affected system. This can lead to complete compromise, data theft, system disruption, or further lateral movement within the network. The vulnerability is remotely exploitable via network without prior authentication but requires user interaction.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released by Falconstor Software, users should consider restricting access to the /login endpoint, implementing web application firewalls to detect and block malicious POST requests, and monitoring for unusual activity related to login attempts. Avoid exposing the affected version (9.0.34) to untrusted networks where possible.
CVE-2025-34108: CWE-121 Stack-based Buffer Overflow in Falconstor Software Disk Pulse Enterprise
Description
A stack-based buffer overflow vulnerability exists in the login functionality of Disk Pulse Enterprise version 9.0.34. An attacker can send a specially crafted HTTP POST request to the /login endpoint with an overly long username parameter, causing a buffer overflow in the libspp.dll component. Successful exploitation allows arbitrary code execution with SYSTEM privileges.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability is a stack-based buffer overflow (CWE-121) in Disk Pulse Enterprise 9.0.34's login process. An attacker can exploit this by sending a crafted HTTP POST request to the /login endpoint containing an excessively long username parameter, causing a buffer overflow in the libspp.dll library. This overflow enables arbitrary code execution with SYSTEM-level privileges, posing a critical risk to affected systems. The vulnerability is remotely exploitable without authentication and requires user interaction (UI:A). The CVSS 4.0 vector indicates network attack vector, low attack complexity, no privileges required, but user interaction needed, and high impact on confidentiality, integrity, and availability.
Potential Impact
Successful exploitation results in arbitrary code execution with SYSTEM privileges, allowing full control over the affected system. This can lead to complete compromise, data theft, system disruption, or further lateral movement within the network. The vulnerability is remotely exploitable via network without prior authentication but requires user interaction.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released by Falconstor Software, users should consider restricting access to the /login endpoint, implementing web application firewalls to detect and block malicious POST requests, and monitoring for unusual activity related to login attempts. Avoid exposing the affected version (9.0.34) to untrusted networks where possible.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- VulnCheck
- Date Reserved
- 2025-04-15T19:15:22.560Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 687654a5a83201eaaccea512
Added to database: 7/15/2025, 1:16:21 PM
Last enriched: 4/7/2026, 11:02:43 PM
Last updated: 5/9/2026, 3:14:29 PM
Views: 136
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.