CVE-2018-25344— 10-Strike Network Inventory Explorer 8.54 Buffer Overflow SEH
Possible ATT&CK Techniques 2AI
T1059 · Command and Scripting Interpreter T1203 · Exploitation for Client ExecutionAffected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| 10-Strike | Network Inventory Explorer | 8.54 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-25344
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
10-Strike Network Inventory Explorer 8.54 Buffer Overflow SEH
Source: NVD (National Vulnerability Database)
Vulnerability Description
10-Strike Network Inventory Explorer 8.54 contains a stack-based buffer overflow vulnerability in the registration key input field that allows local attackers to execute arbitrary code by triggering a structured exception handler overwrite. Attackers can craft a malicious registration key string with 4188 bytes of padding followed by SEH chain values and shellcode, then paste it into the registration dialog to achieve code execution with application privileges.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
栈缓冲区溢出
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| 10-Strike | Network Inventory Explorer | 8.54 | - |
II. Public POCs for CVE-2018-25344
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-25344
请登录查看更多情报信息。
Vendor Advisories for CVE-2018-25344 (1)
Exploits & Public PoCs for CVE-2018-25344 (1)
IV. Related Vulnerabilities
Same vendor: 10-Strike
- CVE-2018-25345
10-Strike Network Scanner 3.0 Local Buffer Overflow SEH - CVE-2018-25255
10-Strike LANState 8.8 Local Buffer Overflow SEH - CVE-2020-37021
Bandwidth Monitor 3.9 - 'Svc10StrikeBandMontitor' Unquoted S - CVE-2021-47772
10-Strike Network Inventory Explorer Pro 9.31 - Buffer Overf - CVE-2021-47767
10-Strike Network Inventory Explorer Pro 9.31 - 'srvInventor
Same weakness: CWE-121
- CVE-2026-9461
Edimax EW-7438RPn formRadius stack-based overflow - CVE-2026-9460
Edimax EW-7438RPn formAccept stack-based overflow - CVE-2026-9459
Edimax EW-7438RPn formConnectionSetting stack-based overflow - CVE-2026-9431
Tenda F1202 PptpUserAdd fromPptpUserAdd stack-based overflow - CVE-2026-9430
Tenda F1202 GstDhcpSetSerof formGstDhcpSetSer stack-based ov
V. Comments for CVE-2018-25344
No comments yet