CVE-2018-25292

MEDIUM

Bome Restorator 1793 Denial of Service via Buffer Overflow

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-25292. PoCs published by Gionathan Reale.

AI-analyzed exploit summary This Python script generates a 4000-byte buffer overflow payload to trigger a Denial of Service (DoS) in Restorator 1793 by overwriting the 'Name' field. The exploit creates a file 'exploit.txt' containing the payload, which when pasted into the application causes a crash.

Description

Bome Restorator 1793 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can create a malicious payload exceeding 4000 bytes and paste it into the Name input field to trigger an application crash and denial of service.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Gionathan Reale · pythondoswindows_x86-64

https://www.exploit-db.com/exploits/45223

View Code ZIP pw:eip

This Python script generates a 4000-byte buffer overflow payload to trigger a Denial of Service (DoS) in Restorator 1793 by overwriting the 'Name' field. The exploit creates a file 'exploit.txt' containing the payload, which when pasted into the application causes a crash.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Restorator 1793

No auth needed

Prerequisites: Restorator 1793 installed on Windows 7 x64 · ability to paste payload into the 'Name' field

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Apr 26, 2026 Full analysis →

References (4)

Core 4

Core References

Exploit exploit

ExploitDB-45223

https://www.exploit-db.com/exploits/45223

Product product

Official Product Homepage

https://www.bome.com/

Product product

Product Reference

https://www.bome.com/bome/downloads/Restorator2018_Full_1793.exe

Third Party Advisory third-party-advisory

VulnCheck Advisory: Bome Restorator 1793 Denial of Service via Buffer Overflow

https://www.vulncheck.com/advisories/bome-restorator-1793-denial-of-service-via-buffer-overflow

Scores

CVSS v3 6.2

EPSS 0.0014

EPSS Percentile 3.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-120

Status published

Products (1)

Bome/Restorator 1793

Published Apr 26, 2026

Tracked Since Apr 26, 2026