What is CVE-2019-25607?

CVE-2019-25607 is a high-severity vulnerability in Labf Axessh, classified under Out-of-bounds Write. CVSS score: 8.4/10. Published 2026-03-22.

How severe is CVE-2019-25607?

High severity. CVSS v3 base score is 8.4 out of 10.

Buffer overflow in Labf Axessh

CVE-2019-25607

Axessh 4.2 contains a stack-based buffer overflow vulnerability in the log file name field that allows local attackers to execute arbitrary code by supplying an excessively long filename. Attackers can overflow the buffer at offset 214 byt…

Vulnerability class: Buffer Overflow

EPSS: 0.000 (5.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.4 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Labf Axessh — versions 4.2

Weakness classification (CWE)

CWE-787 — Out-of-bounds Write

References

ExploitDB-46922 (exploit)
Official Product Homepage (product)
Product Reference (product)
Exploit DB (exploit)
Exploit DB (exploit)
VulnCheck Advisory: Axessh 4.2 Local Stack-based Buffer Overflow via Log File Name (third-party-advisory)

Frequently asked questions

What is CVE-2019-25607?: CVE-2019-25607 is a high-severity vulnerability in Labf Axessh, classified under Out-of-bounds Write. CVSS score: 8.4/10. Published 2026-03-22.
How severe is CVE-2019-25607?: High severity. CVSS v3 base score is 8.4 out of 10.