Which versions of River Past Cam Do are affected by EUVD-2019-19992?

River Past Cam Do 3.7.6 contains a local buffer overflow vulnerability (CVE-2019-25626) that allows authenticated local users to achieve SYSTEM-level code execution through malicious activation…

Is there a public PoC exploit available for EUVD-2019-19992?

Yes, a public proof-of-concept exploit is available for EUVD-2019-19992. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate EUVD-2019-19992?

Within 24 hours: Inventory systems running River Past Cam Do version 3.7.6 or earlier and document business justification for each installation. Within 7 days: If continued use is required, implement OS-level exploit mitigation (Windows DEP/ASLR enforcement, disable SEH-based exploits via Control Flow Guard). Within 30 days: Plan migration to modern, actively-maintained multimedia software; establish EOL policy for River Past Cam Do across the organization.

River Past Cam Do EUVD-2019-19992

Q: What is the CVSS score of EUVD-2019-19992?

EUVD-2019-19992 has a CVSS 4.0 base score of 8.6 (High). CVSS vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

| CVE-2019-25626 HIGH

Unrestricted Upload of File with Dangerous Type (CWE-434)

2026-03-24 VulnCheck

GHSA-hqxh-7863-jx9r

RCE Buffer Overflow File Upload

8.6

CVSS 4.0

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Analysis Updated

Apr 27, 2026 - 13:43 vuln.today

v2 (cvss_changed)

Re-analysis Queued

Apr 27, 2026 - 13:37 vuln.today

cvss_changed

CVSS changed

Apr 27, 2026 - 13:37 NVD

8.4 (HIGH) 8.6 (HIGH)

PoC Detected

Mar 24, 2026 - 15:53 vuln.today

Public exploit code

EUVD ID Assigned

Mar 24, 2026 - 11:45 euvd

EUVD-2019-19992

Analysis Generated

Mar 24, 2026 - 11:45 vuln.today

CVE Published

Mar 24, 2026 - 11:27 nvd

HIGH 8.4

DescriptionNVD

River Past Cam Do 3.7.6 contains a local buffer overflow vulnerability in the activation code input field that allows local attackers to execute arbitrary code by supplying a malicious activation code string. Attackers can craft a buffer containing 608 bytes of junk data followed by shellcode and SEH chain overwrite values to trigger code execution when the activation dialog processes the input.

AnalysisAI

Local buffer overflow in River Past Cam Do 3.7.6's activation code field enables arbitrary code execution with SYSTEM privileges through specially crafted 608-byte input followed by shellcode and SEH chain overwrite. While exploitation requires local access and a publicly available exploit exists (Exploit-DB 46670), EPSS score of 0.01% indicates minimal real-world exploitation activity. The vulnerability affects a legacy multimedia application with no confirmed vendor patch, making it primarily relevant for environments still running this discontinued software.

Technical ContextAI

River Past Cam Do is a Windows multimedia capture application developed by FlexHEX. The vulnerability exploits a classic stack-based buffer overflow in the activation dialog's license key validation routine. When processing activation codes, the application fails to validate input length before copying to a fixed-size stack buffer. The attack leverages Structured Exception Handler (SEH) chain overwriting, a Windows exploitation technique where carefully positioned shellcode addresses overwrite exception handler pointers at predictable stack offsets. The CWE-434 (Unrestricted Upload of File with Dangerous Type) classification appears misaligned with the actual vulnerability mechanism - this is fundamentally a buffer overflow (CWE-120 or CWE-787) rather than a file upload issue, suggesting potential metadata inaccuracy in the original submission.

RemediationAI

No vendor-released patch identified at time of analysis - the product appears discontinued with no active vendor support. Primary remediation is complete removal of River Past Cam Do 3.7.6 from affected systems and migration to actively maintained multimedia capture software. For environments where removal is not immediately feasible, implement strict access controls limiting local system access to trusted users only, as the vulnerability requires local attack vector (AV:L). Deploy application whitelisting to prevent execution of River Past Cam Do binaries. Monitor for unexpected activation dialog invocations or process behavior. Note that file system permissions restricting access to the executable provide minimal protection since the vulnerability triggers during normal application usage by any local user. These compensating controls reduce but do not eliminate risk, and removal remains the only complete mitigation given absence of vendor support.

EUVD-2019-19992 vulnerability details – vuln.today

Back

River Past Cam Do EUVD-2019-19992

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

River Past Cam Do EUVD-2019-19992

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code