PT-2026-26950 · Unknown · Rarmaradio
Victor Mondragón
·
Published
2026-03-22
·
Updated
2026-03-22
·
CVE-2019-25584
CVSS v3.1
6.2
Medium
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
RarmaRadio version 2.72.3
Description
The software contains a buffer overflow issue in the Server field within the Network settings. A local attacker can cause the application to crash by providing a string longer than 4000 bytes in the Server field through the Settings menu. The attacker pastes a malicious payload exceeding 4000 bytes into the
Server field.Recommendations
Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, limit the length of the input allowed in the
Server field within the Network settings to less than 4000 bytes.Exploit
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Rarmaradio