CVE-2018-10388

CRITICAL

Open TFTP Server <= 1.66 - Remote Code Execution via Format String in TFTP Error Packet


Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-10388. PoCs published by 0xddaa.

AI-analyzed exploit summary: This repository contains a proof-of-concept exploit for CVE-2018-10388, a vulnerability in OpenTFTPD 1.66. The exploit includes a Docker environment for testing and multiple Python scripts demonstrating the vulnerability.

Description

Format string vulnerability in the logMess function in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet. The server logs the ErrMsg field of a received ERROR packet by passing it to logMess as the format string rather than as a format argument, so any `%` conversion specifiers in the attacker-controlled message are interpreted (CWE-134). No authentication is required: a single unsolicited UDP datagram reaching the TFTP port is enough to trigger the bug.
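To make the trigger condition concrete, the following added example (written for this page, not code from the 0xddaa PoC or from Open TFTP Server) builds and parses TFTP ERROR packets using the RFC 1350 layout (2-byte opcode 5, 2-byte ErrorCode, NUL-terminated ErrMsg) and flags messages that carry printf-style conversion specifiers, which is the check a detection engineer would run over captured UDP/69 traffic for this CVE. The sample messages and the `is_suspicious` heuristic are constructed for illustration; it does not send anything on the network and contains no memory-corruption payload.

```python
import re
import struct

# TFTP opcode for ERROR packets (RFC 1350, section 5).
OP_ERROR = 5

# One printf-style token: either a literal "%%" or a conversion specification
# (flags, width, precision, length modifier, conversion character).
# "%%" is listed first so it is consumed as a pair and never mistaken for a
# conversion such as "% d".
_FMT_TOKEN = re.compile(
    r"%%|%[-+ #0]*(?:\d+|\*)?(?:\.(?:\d+|\*))?(?:hh|h|ll|l|j|z|t|L)?[diouxXeEfFgGaAcspn]"
)


def build_error_packet(error_code: int, message: str) -> bytes:
    """Encode a TFTP ERROR packet: opcode(2) | ErrorCode(2) | ErrMsg | 0x00."""
    if "\x00" in message:
        raise ValueError("ErrMsg must not contain NUL")
    return struct.pack("!HH", OP_ERROR, error_code) + message.encode("latin-1") + b"\x00"


def parse_error_packet(pkt: bytes) -> tuple[int, str]:
    """Decode a TFTP ERROR packet into (error_code, message).

    Raises ValueError for anything that is not a well-formed ERROR packet,
    so callers can treat malformed datagrams separately from hostile ones.
    """
    if len(pkt) < 5 or pkt[-1:] != b"\x00":
        raise ValueError("truncated or unterminated ERROR packet")
    opcode, code = struct.unpack("!HH", pkt[:4])
    if opcode != OP_ERROR:
        raise ValueError(f"opcode {opcode} is not ERROR")
    return code, pkt[4:-1].decode("latin-1")


def format_specifiers(message: str) -> list[str]:
    """Return the conversion specifications in message, ignoring literal '%%'."""
    return [tok for tok in _FMT_TOKEN.findall(message) if tok != "%%"]


def is_suspicious(pkt: bytes) -> bool:
    """Constructed heuristic: an ERROR packet whose ErrMsg would be interpreted
    by a printf-family sink. A legitimate client has no reason to put
    conversion specifiers in a human-readable error message."""
    try:
        _, msg = parse_error_packet(pkt)
    except ValueError:
        return False
    return bool(format_specifiers(msg))


if __name__ == "__main__":
    # Constructed samples: a normal client error and a CWE-134 probe.
    benign = build_error_packet(1, "File not found")
    probe = build_error_packet(0, "%x%x%x%x%n")
    for pkt in (benign, probe):
        code, msg = parse_error_packet(pkt)
        print(code, repr(msg), "suspicious" if is_suspicious(pkt) else "ok")
```

The same `format_specifiers` check describes the fix on the server side: the logging call must receive the message as an argument to a constant format string (the `"%s"` idiom), never as the format itself; escaping `%` is only a stop-gap when the sink cannot be changed.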

Exploits (1)

nomisec · WORKING POC · 3 stars
by 0xddaa · poc
https://github.com/0xddaa/CVE-2018-10388


Classification
Working PoC (90%)
Attack Type
RCE
Complexity
Moderate
Reliability
Reliable
Target: OpenTFTPD 1.66
No auth needed
Prerequisites: Network access to the vulnerable OpenTFTPD server
devstral-2 · analyzed Feb 16, 2026


Scores

CVSS v3 9.8
EPSS 0.0436
EPSS Percentile 90.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-134
Status published
Products (1)
open_tftp_server_project/open_tftp_server <= 1.66
Published Dec 23, 2019
Tracked Since Feb 18, 2026