CVE-2018-25224 in PMSinfo

Summary

PMS 0.42 contains a stack-based buffer overflow vulnerability that allows local unauthenticated attackers to execute arbitrary code by supplying malicious values in the configuration file. Attackers can craft configuration files with oversized input that overflows the stack buffer and execute shell commands via return-oriented programming gadgets.

Responsible

VulnCheck

Reservation

03/28/2026

Disclosure

03/28/2026

Entries

Published	Base	Temp	Vulnerability	CWE	Prod	Exp	Cou	EPSS	CTI	CVE
03/28/2026	6.8	6.6	PMS Configuration File missing authentication	306	Unknown	Proof-of-Concept	Not defined	0.00016	2.71	CVE-2018-25224

Show more

Description
Changes
Cyber Threat Intelligence
API/JSON

◂ PreviousOverviewNext ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!