Donate Telegram

CVE-2018-25198

MEDIUM CVSS 4.0: 6.9

Mar 06, 2026

Updated Mar 06, 2026

Payload

Parameter	Value
CVSS	6.9 (MEDIUM)
Type	CWE-787 (Out-of-bounds Write (Запись за границами))
Vendor	Payload
Public PoC	Yes

eToolz 3.4.8.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying oversized input buffers. Attackers can create a payload file containing 255 bytes of data that triggers a buffer overflow condition when processed by the application.

Attack Parameters

Attack Vector

Local

Нужен локальный доступ

Attack Complexity

Low

Легко эксплуатировать

Attack Requirements

None

Нет дополнительных условий

Privileges Required

None

Права не нужны

User Interaction

None

Не нужно действие пользователя

Impact Assessment

Confidentiality

None

Нет утечки данных

Integrity

None

Нет модификации данных

Availability

High

Полный отказ в обслуживании

CVSS Vector v4.0

Weakness Type (CWE)

CWE-787 Out-of-bounds Write (Запись за границами)

References 2

https://www.exploit-db.com/exploits/45797

disclosure@vulncheck.com

https://www.vulncheck.com/advisories/etoolz-denial-of-service-via-buffer-overfl…

disclosure@vulncheck.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-29068

Payload

CVE-2025-55289

Payload

CVE-2026-27749

Payload

CVE-2026-28772

Payload

CVE-2023-31044

Payload

CVE Details

CVE ID

CVE-2018-25198

Published Date

Mar 06, 2026

Vendor

Payload

Severity

MEDIUM

CVSS v4.0 Score

6.9

Medium severity. Plan remediation.

Impact

Denial of Service

Source

Editor's Choice