CVE-2018-5410

HIGH

Dokan <1.2.0.1000 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-5410. PoCs published by Parvez Anwar.

AI-analyzed exploit summary This exploit leverages a stack-based buffer overflow in Dokany (dokan1.sys) to achieve privilege escalation on 32-bit Windows 7. It uses a token-stealing shellcode to elevate privileges to SYSTEM and spawns a command shell.

Description

Dokan, versions between 1.0.0.5000 and 1.2.0.1000, are vulnerable to a stack-based buffer overflow in the dokan1.sys driver. An attacker can create a device handle to the system driver and send arbitrary input that will trigger the vulnerability. This vulnerability was introduced in the 1.0.0.5000 version update.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Parvez Anwar · clocalwindows
https://www.exploit-db.com/exploits/46155

This exploit leverages a stack-based buffer overflow in Dokany (dokan1.sys) to achieve privilege escalation on 32-bit Windows 7. It uses a token-stealing shellcode to elevate privileges to SYSTEM and spawns a command shell.

Classification
Working Poc 100%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Dokany 1.2.0.1000 (dokan1.sys)
No auth needed
Prerequisites: 32-bit Windows 7 with Dokany 1.2.0.1000 installed · Access to the Dokan_1 device handle
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
https://kb.cert.org/vuls/id/741315/
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/46155/
Third Party Advisory x_refsource_misc
https://cwe.mitre.org/data/definitions/121.html
Patch, Third Party Advisory x_refsource_confirm
https://github.com/dokan-dev/dokany/releases/tag/v1.2.1.1000
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/106274

Scores

CVSS v3 7.8
EPSS 0.0098
EPSS Percentile 77.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-121 CWE-787
Status published
Products (2)
dokan-dev/dokany 1.0.0.5000 - 1.2.0.1000
dokan_project/dokan 1.0.0.5000 - 1.2.0.1000
Published Jan 07, 2019
Tracked Since Feb 18, 2026