CVE-2023-4590

HIGH

Frhed 1.6.0 - Buffer Overflow via Long Filename Argument

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-4590. PoCs published by dgndrn.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2023-4590, a buffer overflow vulnerability in Frhed (Free hex editor) v1.6.0. The exploit leverages a SEH overwrite with a crafted payload to achieve arbitrary code execution.

Description

Buffer overflow vulnerability in Frhed hex editor, affecting version 1.6.0. This vulnerability could allow an attacker to execute arbitrary code via a long filename argument through the Structured Exception Handler (SEH) registers.

Exploits (1)

nomisec WORKING POC 2 stars

by dgndrn · poc

https://github.com/dgndrn/CVE-2023-4590

View Code ZIP pw:eip

This repository contains a functional exploit for CVE-2023-4590, a buffer overflow vulnerability in Frhed (Free hex editor) v1.6.0. The exploit leverages a SEH overwrite with a crafted payload to achieve arbitrary code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Frhed (Free hex editor) v1.6.0

No auth needed

Prerequisites: Frhed v1.6.0 installed on the target system · Ability to execute Frhed.exe with a crafted payload as an argument

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Core References

Third Party Advisory

https://www.incibe.es/en/incibe-cert/notices/aviso/buffer-overflow-vulnerability-frhed

Scores

CVSS v3 7.3

EPSS 0.0110

EPSS Percentile 61.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-120

Status published

Products (1)

kimmov/frhed 1.6.0

Published Nov 27, 2023

Tracked Since Feb 18, 2026