CVE-2018-25251

HIGH

Snes9K 0.0.9z Buffer Overflow SEH via Netplay Socket

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-25251. PoCs published by Abdullah Alıç.

AI-analyzed exploit summary: This exploit leverages a buffer overflow vulnerability in Snes9K 0.0.9z via the 'Netplay --> Options' feature, specifically targeting the 'Socket Port Number' field. It uses a SEH-based overflow with a bind shell payload generated by msfvenom to achieve remote code execution on Windows XP SP3.

Description

Snes9K 0.0.9z contains a buffer overflow vulnerability in the Netplay Socket Port Number field that allows local attackers to trigger a structured exception handler (SEH) overwrite. Attackers can craft a malicious payload and paste it into the Socket Port Number field via the Netplay Options menu to achieve code execution through SEH chain exploitation.

Exploits (1)

exploitdb · WORKING POC
by Abdullah Alıç · python · local · windows_x86
https://www.exploit-db.com/exploits/45598

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Snes9K 0.0.9z
No auth needed
Prerequisites: Snes9K 0.0.9z installed on Windows XP SP3 · Attacker must trick victim into pasting payload into 'Socket Port Number' field
devstral-2 · analyzed Apr 07, 2026

References (4)

Core References
Exploit: ExploitDB-45598
https://www.exploit-db.com/exploits/45598
Product: Official Product Homepage
https://sourceforge.net/projects/snes9k/
Third Party Advisory: VulnCheck Advisory: Snes9K 0.0.9z Buffer Overflow SEH via Netplay Socket
https://www.vulncheck.com/advisories/snes9k-9z-buffer-overflow-seh-via-netplay-socket

Scores

CVSS v3: 8.4
EPSS: 0.0019
EPSS Percentile: 8.2%
Attack Vector: LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: total

Details

CWE: CWE-787
Status: published
Products (1)
Sourceforge/Snes9K 0.0.9z 0.0.9z
Published: Apr 04, 2026
Tracked Since: Apr 04, 2026