CVE-2018-25245

HIGH

7 Tik 1.0.1.0 Denial of Service via Search

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-25245. PoCs published by 0xB9.

AI-analyzed exploit summary This Python script generates a buffer overflow payload (7700 'A' characters) to trigger a Denial of Service (DoS) in the 7 Tik application version 1.0.1.0. The payload is written to a file, which is then manually pasted into the application's search bar to crash it.

Description

7 Tik 1.0.1.0 contains a denial of service vulnerability that allows attackers to crash the application by submitting excessively long input strings to the search functionality. Attackers can paste a buffer of 7700 characters into the search bar to trigger an application crash.

Exploits (1)

exploitdb WORKING POC

by 0xB9 · pythondoswindows

https://www.exploit-db.com/exploits/46197

View Code ZIP pw:eip

This Python script generates a buffer overflow payload (7700 'A' characters) to trigger a Denial of Service (DoS) in the 7 Tik application version 1.0.1.0. The payload is written to a file, which is then manually pasted into the application's search bar to crash it.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: 7 Tik 1.0.1.0

No auth needed

Prerequisites: Python to generate the payload · Manual interaction to paste the payload into the application

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Apr 07, 2026 Full analysis →

References (4)

Core 4

Core References

Exploit exploit

ExploitDB-46197

https://www.exploit-db.com/exploits/46197

Product product

Product Reference

https://www.microsoft.com/store/productId/9NQL2QC8S935

Third Party Advisory

VulnCheck Advisory: Microsoft 7 Tik 1.0.1.0 Denial of Service via Search

https://www.vulncheck.com/advisories/microsoft-7-tik-denial-of-service-via-search

Third Party Advisory third-party-advisory

VulnCheck Advisory: 7 Tik 1.0.1.0 Denial of Service via Search

https://www.vulncheck.com/advisories/7-tik-denial-of-service-via-search

Scores

CVSS v3 7.5

EPSS 0.0032

EPSS Percentile 23.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-601

Status published

Products (1)

7Tik/7 Tik 1.0.1.0

Published Apr 04, 2026

Tracked Since Apr 04, 2026