CVE-2023-4491 Information

Description

Buffer overflow vulnerability in Easy Address Book Web Server 1.6 version. The exploitation of this vulnerability could allow an attacker to send a very long username string to /searchbook.ghp asking for the name via a POST request resulting in arbitrary code execution on the remote machine.

Reference

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-efs-software-products