What is CVE-2025-34096?

CVE-2025-34096 is a vulnerability in Efs Software Inc. Easy File Sharing Http Server, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2025-07-10.

Is CVE-2025-34096 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Efs Software Inc. Easy File Sharing Http Server

CVE-2025-34096

A stack-based buffer overflow vulnerability exists in Easy File Sharing HTTP Server version 7.2. The flaw is triggered when a crafted POST request is sent to the /sendemail.ghp endpoint containing an overly long Email parameter. The applic…

Vulnerability class: Buffer Overflow

EPSS: 0.666 (98.6th percentile) — read the EPSS interpretation.

Affected products

Efs Software Inc. Easy File Sharing Http Server — versions 7.2

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

References

raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/w… (exploit)
www.exploit-db.com/exploits/42186 (exploit)
vulncheck/advisories/easy-file-sharing-http-server-buffer-overflow (third-party-advisory)

Frequently asked questions

What is CVE-2025-34096?: CVE-2025-34096 is a vulnerability in Efs Software Inc. Easy File Sharing Http Server, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2025-07-10.
Is CVE-2025-34096 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.