CVE-2018-25426

Published: Mag 30, 2026 Last Modified: Mag 30, 2026
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 8,7
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Confidentiality: N/A
Integrity: N/A
Availability: N/A
HIGH 7,5
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: high

Description

AI Translation Available

WinMTR 0.91 contains a denial of service vulnerability that allows attackers to crash the application by sending a malformed payload file containing a large buffer of repeated characters. Attackers can create a specially crafted input file with 238 bytes of data to trigger a buffer overflow condition that causes the application to crash.

120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Incomplete
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Integrity Confidentiality Availability
Potential Impacts:
Modify Memory Execute Unauthorized Code Or Commands Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu)
Applicable Platforms
Languages: Memory-Unsafe, C, C++, Assembly
Likelihood of Exploit: High
View CWE Details
https://www.exploit-db.com/exploits/45769
https://www.exploit-db.com/exploits/45769
https://www.vulncheck.com/advisories/winmtr-denial-of-servi…
https://www.vulncheck.com/advisories/winmtr-denial-of-service-via-buffer-overfl…
http://winmtr.net
http://winmtr.net
http://winmtr.net/winmtr_download/
http://winmtr.net/winmtr_download/