Critical severityNVD Advisory· Published Aug 13, 2025· Updated Apr 15, 2026

CVE-2012-10058

Description

RabidHamster R4 v1.25 contains a stack-based buffer overflow vulnerability due to unsafe use of sprintf() when logging malformed HTTP requests. A remote attacker can exploit this flaw by sending a specially crafted URI, resulting in arbitrary code execution under the context of the web server process.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

aluigi.altervista.org/adv/r4_1-adv.txtnvd
advisories.checkpoint.com/defense/advisories/public/2013/cpai-07-jan405.htmlnvd
raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/rabidhamster_r4_log.rbnvd
www.exploit-db.com/exploits/18929nvd
www.rabidhamster.org/R4/download.phpnvd
www.vulncheck.com/advisories/rabidhamster-r4-log-entry-buffer-overflownvd

News mentions

No linked articles in our index yet.

cvss	0.585
epss	0.047
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000