CVE-2018-25375

HIGH

SocuSoft iPod Photo Slideshow 8.05 Buffer Overflow SEH

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-25375. PoCs published by Shubham Singh.

AI-analyzed exploit summary This exploit leverages a buffer overflow vulnerability in SocuSoft iPod Photo Slideshow 8.05 via the 'Registration Name' and 'Registration Key' fields, using a SEH overwrite technique to execute a reverse shell payload. The payload is generated using msfvenom and avoids bad characters to ensure successful execution.

Description

SocuSoft iPod Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by overwriting the structured exception handler. Attackers can craft malicious input in the Registration Name and Registration Key fields to trigger a stack-based buffer overflow and execute a reverse shell payload.

Exploits (1)

exploitdb WORKING POC

by Shubham Singh · pythonlocalwindows_x86

https://www.exploit-db.com/exploits/45350

View Code ZIP pw:eip

This exploit leverages a buffer overflow vulnerability in SocuSoft iPod Photo Slideshow 8.05 via the 'Registration Name' and 'Registration Key' fields, using a SEH overwrite technique to execute a reverse shell payload. The payload is generated using msfvenom and avoids bad characters to ensure successful execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: SocuSoft iPod Photo Slideshow 8.05

No auth needed

Prerequisites: Python environment · msfvenom for payload generation · Network connectivity for reverse shell

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed May 25, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit exploit

ExploitDB-45350

https://www.exploit-db.com/exploits/45350

Product product

Product Reference

http://www.dvd-photo-slideshow.com/ipod-photo-slideshow.html

Third Party Advisory third-party-advisory

VulnCheck Advisory: SocuSoft iPod Photo Slideshow 8.05 Buffer Overflow SEH

https://www.vulncheck.com/advisories/socusoft-ipod-photo-slideshow-buffer-overflow-seh

Scores

CVSS v3 8.4

EPSS 0.0018

EPSS Percentile 7.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-121

Status published

Products (1)

SocuSoft/iPod Photo Slideshow 8.05

Published May 25, 2026

Tracked Since May 25, 2026