CVE-2018-25344 HIGH

CVE-2018-25344: 10-Strike Network Inventory Explorer 8.54 Buffer Overflow SEH

Vendor 10-Strike
Product Network Inventory Explorer
Weakness CWE-121
Published May 23, 2026
Last update May 26, 2026

CVSS base score

8.6/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

10-Strike Network Inventory Explorer 8.54 contains a stack-based buffer overflow vulnerability in the registration key input field that allows local attackers to execute arbitrary code by triggering a structured exception handler overwrite. Attackers can craft a malicious registration key string with 4188 bytes of padding followed by SEH chain values and shellcode, then paste it into the registration dialog to achieve code execution with application privileges.

Key dates

02Disclosure timeline

May 23, 2026 CVE published
May 26, 2026 Record updated

Related vulnerabilities

04Related CVE