CVE-2018-25344

Name of the Vulnerable Software and Affected Versions 10-Strike Network Inventory Explorer version 8.54

Description A stack-based buffer overflow exists in the registration key input field. This allows local attackers to execute arbitrary code with application privileges by triggering a structured exception handler (SEH) overwrite—a technique where the exception handling chain is corrupted to redirect program execution. Exploitation is achieved by pasting a malicious registration key string containing 4188 bytes of padding, followed by SEH chain values and shellcode, into the registration dialog.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.