Description

Arm Whois 3.11 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by supplying oversized input to the IP address or domain field. Attackers can craft malicious input exceeding 658 bytes with shellcode to overwrite the structured exception handler and gain command execution when the application processes the input.

PUBLISHED Reserved 2026-05-31 | Published 2026-06-01 | Updated 2026-06-02 | Assigner VulnCheck




CRITICAL: 9.3 | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CRITICAL: 9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Problem types

Stack-based Buffer Overflow

Product status

3.11: affected

Credits

Finder: Yair Rodríguez Aparicio (0-day DoS exploit), Semen Alexandrovich Lyhin (1-day fully working exploit)

References

www.exploit-db.com/exploits/45796 (ExploitDB-45796) exploit

www.armcode.com/ (Official Product Homepage) product

www.armcode.com/downloads/arm-whois.exe (Product Reference) product

www.vulncheck.com/...whois-buffer-overflow-via-seh-overwrite (VulnCheck Advisory: Arm Whois 3.11 Buffer Overflow via SEH Overwrite) third-party-advisory

cve.org (CVE-2018-25427)

nvd.nist.gov (CVE-2018-25427)
