Added: 03/16/2017
CVE: CVE-2017-6187
BID: 96401
Disk Savvy Enterprise is a disk space usage analyzer.
A buffer overflow in the built-in web server in Disk Savvy Enterprise could allow remote code execution when handling a long URI in a GET request.
Contact the vendor for a patch or fixed version when available.
<https://www.exploit-db.com/exploits/41436/>
The Disk Savvy Enterprise web server is disabled by default.
Exploit works on Disk Savvy Enterprise 9.4.18 on Windows 7 Professional SP1 x64 and Windows 10 Professional x64.
Windows 7
Windows 10