CVE-2018-7886

HIGH

CloudMe Sync 1.11.0 - Unauthenticated Buffer Overflow via Local Port 8888

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-7886. PoCs published by Prasenjit Kanti Paul.

AI-analyzed exploit summary This exploit leverages a local buffer overflow in CloudMe Sync v1.11.0 by sending a crafted payload to port 8888, overwriting the EIP with a JMP ESP address and executing a reverse shell payload.

Description

An issue was discovered in CloudMe 1.11.0. An unauthenticated local attacker that can connect to the "CloudMe Sync" client application listening on 127.0.0.1 port 8888 can send a malicious payload causing a buffer overflow condition. This will result in code execution, as demonstrated by a TCP reverse shell, or a crash. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-6892.

Exploits (1)

exploitdb WORKING POC
by Prasenjit Kanti Paul · pythonlocalwindows
https://www.exploit-db.com/exploits/44470

This exploit leverages a local buffer overflow in CloudMe Sync v1.11.0 by sending a crafted payload to port 8888, overwriting the EIP with a JMP ESP address and executing a reverse shell payload.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: CloudMe Sync v1.11.0
No auth needed
Prerequisites: CloudMe Sync v1.11.0 installed on Windows 7 SP1 x86 · Local access to the target system
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/44470/

Scores

CVSS v3 7.8
EPSS 0.0206
EPSS Percentile 78.8%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (1)
cloudme/sync 1.11.0
Published Mar 15, 2018
Tracked Since Feb 18, 2026