CVE-2025-8760

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: INSTAR 2K+ and 4K version 3.11.1 Build 1124

Description: A buffer overflow issue exists in the fcgi server component due to the manipulation of the Authorization argument within the base64 decode function. This allows for remote exploitation of the issue.

Recommendations: INSTAR 2K+ and 4K version 3.11.1 Build 1124: As a temporary workaround, consider restricting access to the fcgi server component to minimize the risk of exploitation.

Fix

RCE

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-120

Related Identifiers

CVE-2025-8760

Affected Products

Instar 2K+

Instar 4K

CVE-2025-8760

Weakness Enumeration

Related Identifiers

Affected Products

References · 10