CVE-2024-25004

HIGH

KiTTY < 0.76.1.13 - Stack-Based Buffer Overflow via Username Input

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-25004. PoCs published by DEFCESCO.

AI-analyzed exploit summary: This exploit demonstrates a buffer overflow vulnerability in KiTTY 0.76.1.13 via the 'Start Duplicated Session Username' feature. It uses a ROP chain and shellcode to achieve remote code execution, leveraging a bind shell payload generated by Metasploit.

Description

KiTTY versions 0.76.1.13 and earlier are vulnerable to a stack-based buffer overflow via the username, which occurs due to insufficient bounds checking and input sanitization (at line 2600). This allows an attacker to overwrite adjacent memory, which leads to arbitrary code execution.

Exploits (1)

exploitdb WORKING POC
by DEFCESCO · python · local · windows
https://www.exploit-db.com/exploits/51891

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Complex
Reliability: Reliable
Target: KiTTY 0.76.1.13
No auth needed
Prerequisites: Target must be running KiTTY 0.76.1.13 or earlier · Attacker must be able to send crafted input to the application
devstral-2 · analyzed Feb 18, 2026

Scores

CVSS v3: 7.8
EPSS: 0.0178
EPSS Percentile: 75.3%
Attack Vector: LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: total

Details

CWE: CWE-787
Status: published
Products (1): 9bis/kitty < 0.76.1.13
Published: Feb 09, 2024
Tracked Since: Feb 18, 2026