CVE-2018-25344

HIGH

10-Strike Network Inventory Explorer 8.54 Buffer Overflow SEH

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-25344. PoCs published by Hashim Jawad.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow vulnerability in 10-Strike Network Inventory Explorer 8.54 by overwriting the SEH handler with a crafted payload, leading to remote code execution via a bind shell.

Description

10-Strike Network Inventory Explorer 8.54 contains a stack-based buffer overflow vulnerability in the registration key input field that allows local attackers to execute arbitrary code by triggering a structured exception handler overwrite. Attackers can craft a malicious registration key string with 4188 bytes of padding followed by SEH chain values and shellcode, then paste it into the registration dialog to achieve code execution with application privileges.

Exploits (1)

exploitdb WORKING POC

by Hashim Jawad · pythonlocalwindows_x86

https://www.exploit-db.com/exploits/44840

View Code ZIP pw:eip

This exploit demonstrates a buffer overflow vulnerability in 10-Strike Network Inventory Explorer 8.54 by overwriting the SEH handler with a crafted payload, leading to remote code execution via a bind shell.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: 10-Strike Network Inventory Explorer 8.54

No auth needed

Prerequisites: Access to the 'Enter Registration Key' dialog in the application

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed May 24, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit exploit

ExploitDB-44840

https://www.exploit-db.com/exploits/44840

Product product

Official Product Homepage

https://www.10-strike.com/

Third Party Advisory third-party-advisory

VulnCheck Advisory: 10-Strike Network Inventory Explorer 8.54 Buffer Overflow SEH

https://www.vulncheck.com/advisories/10-strike-network-inventory-explorer-buffer-overflow-seh

Scores

CVSS v3 8.4

EPSS 0.0019

EPSS Percentile 9.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-121

Status published

Products (1)

10-Strike/Network Inventory Explorer 8.54

Published May 23, 2026

Tracked Since May 24, 2026