CVE-2018-12897

HIGH

SolarWinds DameWare Mini Remote Control < 12.1 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-12897. PoCs published by Xavi Beltran.

AI-analyzed exploit summary This exploit leverages a SEH-based buffer overflow in DameWare Remote Support 12.0.0.509 (CVE-2018-12897) to execute arbitrary shellcode, specifically launching calc.exe via a Unicode-compatible payload. The exploit uses a structured approach with alignment techniques to bypass memory protections.

Description

SolarWinds DameWare Mini Remote Control before 12.1 has a Buffer Overflow.

Exploits (1)

exploitdb WORKING POC
by Xavi Beltran · pythonlocalwindows
https://www.exploit-db.com/exploits/47126

This exploit leverages a SEH-based buffer overflow in DameWare Remote Support 12.0.0.509 (CVE-2018-12897) to execute arbitrary shellcode, specifically launching calc.exe via a Unicode-compatible payload. The exploit uses a structured approach with alignment techniques to bypass memory protections.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: DameWare Remote Support v12.0.0.509
No auth needed
Prerequisites: Access to the DameWare Remote Support interface · Ability to trigger the AMT Settings dialog with a crafted input
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 7.8
EPSS 0.0167
EPSS Percentile 73.8%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (1)
solarwinds/dameware_mini_remote_control < 12.1
Published Sep 07, 2018
Tracked Since Feb 18, 2026