Stack-based Buffer Overflow in Flexense DiskBoss Affects Unauthenticated Users
CVE-2018-5262

9.8CRITICAL

Key Information:

Vendor: Flexense
Status: Diskboss
Vendor: CVE Published:; 12 January 2018

What is CVE-2018-5262?

A stack-based buffer overflow in Flexense DiskBoss versions 8.8.16 and earlier poses a significant risk, enabling unauthenticated remote attackers to execute arbitrary code. This vulnerability allows unauthorized users to gain elevated privileges, potentially compromising the integrity and confidentiality of the system. It is crucial for users of affected versions to apply patches and manage their systems against this risk.

References

https://www.exploit-db.com/exploits/43478/

exploitx_refsource_EXPLOIT-DB

http://packetstormsecurity.com/files/145825/DiskBoss-Ente...

x_refsource_MISC

EPSS Score

42% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 12, 2018
Vulnerability Reserved
Jan 7, 2018