CVE-2024-1186

LOW

Munsoft Easy Archive Recovery 2.0 - Denial of Service in Registration Key Handler

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-1186. PoCs published by Ihsan Sencan.

AI-analyzed exploit summary This PoC demonstrates a denial-of-service vulnerability in Mumsoft Easy Software 2.0 by generating a 256-byte buffer overflow payload. The exploit targets the registration key input field, causing the application to crash when the payload is processed.

Description

A vulnerability classified as problematic was found in Munsoft Easy Archive Recovery 2.0. This vulnerability affects unknown code of the component Registration Key Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252676. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Exploits (1)

exploitdb WORKING POC

by Ihsan Sencan · pythondoswindows_x86-64

https://www.exploit-db.com/exploits/45884

View Code ZIP pw:eip

This PoC demonstrates a denial-of-service vulnerability in Mumsoft Easy Software 2.0 by generating a 256-byte buffer overflow payload. The exploit targets the registration key input field, causing the application to crash when the payload is processed.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Mumsoft Easy Software 2.0 (and related products)

No auth needed

Prerequisites: Access to the registration key input field in the target software

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Permissions Required vdb-entry

https://vuldb.com/?id.252676

Permissions Required signature permissions-required

https://vuldb.com/?ctiid.252676

Exploit exploit

https://fitoxs.com/vuldb/12-exploit-perl.txt

Third Party Advisory, VDB Entry exploit

https://www.exploit-db.com/exploits/45884

Scores

CVSS v3 3.3

EPSS 0.0036

EPSS Percentile 27.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-404

Status published

Products (1)

munsoft/easy_archive_recovery 2.0

Published Feb 02, 2024

Tracked Since Feb 18, 2026