VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Apr 16, 2026

CVE-2004-1793

CVE-2004-1793

Description

Stack-based buffer overflow in YaSoft Switch Off 2.3 allows remote authenticated users to execute arbitrary code via a long message parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Stack-based buffer overflow in YaSoft Switch Off 2.3 allows remote authenticated users to execute arbitrary code via a long message parameter.

Vulnerability

A stack-based buffer overflow vulnerability exists in the swnet.dll module of YaSoft Switch Off versions 2.3 and earlier. This flaw is triggered by insufficient bounds checking when handling the message parameter within a SendMsg action to action.htm. [1]

Exploitation

An attacker must first authenticate to the vulnerable server. If a password is set, the attacker needs to log in before sending a malicious request. The exploit involves sending an excessively long message parameter to the action.htm endpoint, which causes the buffer overflow. [1]

Impact

Successful exploitation allows a remote attacker to execute arbitrary code on the affected system. The scope and privilege level of the compromise depend on the context in which the YaSoft Switch Off service is running. [1]

Mitigation

YaSoft Switch Off versions 2.3 and earlier are affected. No specific patched version or release date is disclosed in the available references. It is recommended to upgrade to a non-vulnerable version if available, or to implement network-level access controls to prevent unauthenticated access to the affected service. [1]

References
  1. YaSoft Switch Off 2.3 - 'swnet.dll' Remote Buffer Overflow

AI Insight generated on Jun 7, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

17
  • Yatsoft/Switch Off17 versions
    cpe:2.3:a:yatsoft:switch_off:0.7:*:*:*:*:*:*:*+ 16 more
    • cpe:2.3:a:yatsoft:switch_off:0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:yatsoft:switch_off:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:yatsoft:switch_off:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:yatsoft:switch_off:1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:yatsoft:switch_off:1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:yatsoft:switch_off:1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:yatsoft:switch_off:1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:yatsoft:switch_off:1.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:yatsoft:switch_off:1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:yatsoft:switch_off:1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:yatsoft:switch_off:1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:yatsoft:switch_off:1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:yatsoft:switch_off:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:yatsoft:switch_off:2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:yatsoft:switch_off:2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:yatsoft:switch_off:2.3:*:*:*:*:*:*:*
    • (no CPE)range: <=2.3

Patches

0

No patches discovered yet.

Vulnerability mechanics

Root cause

"Insufficient bounds checking in swnet.dll allows for a buffer overflow when processing the 'message' parameter."

Attack vector

A remote authenticated user can trigger this vulnerability by sending a long 'message' parameter in a SendMsg action to action.htm. The vulnerability exists in the 'swnet.dll' module due to insufficient bounds checking. This overflow may allow a remote user to execute arbitrary code on the vulnerable server [ref_id=1]. If a password is set, the attacker must first log in to the server before sending the malicious request [ref_id=1].

Affected code

The vulnerability resides within the swnet.dll module of YaSoft Switch Off. Specifically, the 'action.htm' file handles the 'SendMsg' action, which is susceptible to a buffer overflow when processing the 'message' parameter.

What the fix does

The advisory does not specify a patch or provide details on how the vulnerability is fixed. Remediation guidance suggests updating to a non-vulnerable version of the software.

Preconditions

  • authThe attacker must be authenticated to the server. If a password is set, the attacker must have logged in prior to sending the malicious request.
  • networkThe attacker must have network access to the vulnerable server.
  • inputThe attacker must send a crafted request with an excessively long 'message' parameter.

Generated on Jun 7, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

7

News mentions

0

No linked articles in our index yet.