CVE-2018-25292

MEDIUM

Bome Restorator 1793 Denial of Service via Buffer Overflow

Title source: cna

Description

Bome Restorator 1793 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can create a malicious payload exceeding 4000 bytes and paste it into the Name input field to trigger an application crash and denial of service.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Gionathan Reale · pythondoswindows_x86-64

https://www.exploit-db.com/exploits/45223

View Code ZIP pw:eip

References (4)

[Exploit] https://www.exploit-db.com/exploits/45223

[Product] https://www.bome.com/

[Product] https://www.bome.com/bome/downloads/Restorator2018_Full_1793.exe

[Third Party Advisory] https://www.vulncheck.com/advisories/bome-restorator-1793-denial-of-service-via-buffer-overflow

Scores

CVSS v3 6.2

EPSS 0.0001

EPSS Percentile 1.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-120

Status published

Products (1)

Bome/Restorator 1793

Published Apr 26, 2026

Tracked Since Apr 26, 2026