CVE-2023-43131

CRITICAL

General Device Manager 2.5.2.2 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-43131. PoCs published by Ahmet Ümit BAYRAM.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in General Device Manager 2.5.2.2 via SEH overwrite, using a reverse shell payload generated by msfvenom. The payload is delivered through the 'IP Address' field in the application's 'Add Device' functionality.

Description

General Device Manager 2.5.2.2 is vulnerable to Buffer Overflow.

Exploits (1)

exploitdb WORKING POC

by Ahmet Ümit BAYRAM · pythonlocalwindows

https://www.exploit-db.com/exploits/51641

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in General Device Manager 2.5.2.2 via SEH overwrite, using a reverse shell payload generated by msfvenom. The payload is delivered through the 'IP Address' field in the application's 'Add Device' functionality.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: General Device Manager 2.5.2.2

No auth needed

Prerequisites: Network access to the target system · User interaction to paste malicious input into the 'IP Address' field

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory, VDB Entry

https://www.exploit-db.com/exploits/51641

Scores

CVSS v3 9.8

EPSS 0.0090

EPSS Percentile 54.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-120

Status published

Products (1)

maxiguvenlik/general_device_manager 2.5.2.2

Published Sep 25, 2023

Tracked Since Feb 18, 2026