CVE-2018-25344

HIGH SEVERITY

CVSS Score & Metrics

Base Score

8.4 / 10

Vector String

                                        CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H                                    

Vulnerability Description

10-Strike Network Inventory Explorer 8.54 contains a stack-based buffer overflow vulnerability in the registration key input field that allows local attackers to execute arbitrary code by triggering a structured exception handler overwrite. Attackers can craft a malicious registration key string with 4188 bytes of padding followed by SEH chain values and shellcode, then paste it into the registration dialog to achieve code execution with application privileges.

Vulnerability Details

Published Date

May 23, 2026

Last Modified

May 23, 2026

CWE ID

CWE-121

Source

NVD

External References

https://www.10-strike.com/
https://www.exploit-db.com/exploits/44840
https://www.vulncheck.com/advisories/10-strike-network-inventory-explorer-buffer-overflow-seh

CVE-2018-25344

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment