← back
CVE-2018-25264

TransMac 12.2 Denial of Service via License Key Field

CVSS 6.9 MEDIUMEPSS 0.2%CWE-120
TransMac 12.2 contains a buffer overflow vulnerability in the license key input field that allows local attackers to crash the application by submitting an oversized string. Attackers can generate a payload file containing 4000 bytes of data, paste it into the License Key field, and trigger a denial of service condition.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected products
Acutesystems · TransMac
public PoCs found1
cve_referencewww.exploit-db.com/exploits/45493unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.exploit-db.com/exploits/45493https://www.vulncheck.com/advisories/transmac-denial-of-service-via-license-key-field