← back
CVE-2018-25263

Faleemi Desktop Software 1.8.2 Local Buffer Overflow SEH

CVSS 8.6 HIGHEPSS 0.1%CWE-120
Faleemi Desktop Software 1.8.2 contains a local buffer overflow vulnerability in the Device alias field that allows local attackers to trigger a structured exception handler (SEH) overwrite. Attackers can craft a malicious payload and paste it into the Device alias field within the Managing Log interface to execute arbitrary code with calculator proof-of-concept execution.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
faleemi · Faleemi Desktop Software
public PoCs found1
cve_referencewww.exploit-db.com/exploits/45492unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://support.faleemi.com/fsc776/Faleemi_v1.8.exehttps://www.exploit-db.com/exploits/45492https://www.vulncheck.com/advisories/faleemi-desktop-software-local-buffer-overflow-seh