ГлавнаяУязвимости → CVE-2018-25307
8.4высокая

CVE-2018-25307

Описание

SysGauge Pro 4.6.12 contains a local buffer overflow vulnerability in the Register function that allows local attackers to overwrite the structured exception handler by supplying a crafted unlock key. Attackers can inject shellcode through the Unlock Key field during registration to execute arbitrary code with application privileges.

CVSS
Балл8.4 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://www.exploit-db.com/exploits/44455https://www.vulncheck.com/advisories/sysgauge-pro-local-buffer-overflow-seh