CVE-2018-25251

HIGH

Snes9K 0.0.9z Buffer Overflow SEH via Netplay Socket

Title source: cna

Description

Snes9K 0.0.9z contains a buffer overflow vulnerability in the Netplay Socket Port Number field that allows local attackers to trigger a structured exception handler (SEH) overwrite. Attackers can craft a malicious payload and paste it into the Socket Port Number field via the Netplay Options menu to achieve code execution through SEH chain exploitation.

Exploits (1)

exploitdb WORKING POC

by Abdullah Alıç · pythonlocalwindows_x86

https://www.exploit-db.com/exploits/45598

View Code ZIP pw:eip

References (4)

[Exploit] https://www.exploit-db.com/exploits/45598

[Product] https://sourceforge.net/projects/snes9k/

[Product] https://sourceforge.net/projects/snes9k/files/latest/download

[Third Party Advisory] https://www.vulncheck.com/advisories/snes9k-9z-buffer-overflow-seh-via-netplay-socket

Scores

CVSS v3 8.4

EPSS 0.0001

EPSS Percentile 0.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-787

Status published

Products (1)

Sourceforge/Snes9K 0.0.9z 0.0.9z

Published Apr 04, 2026

Tracked Since Apr 04, 2026