VYPR
High severity8.4NVD Advisory· Published Mar 26, 2026· Updated Mar 31, 2026

CVE-2018-25218

CVE-2018-25218

Description

PassFab RAR Password Recovery 9.3.2 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a payload with a buffer overflow, NSEH jump, and shellcode, then paste it into the 'Licensed E-mail and Registration Code' field during registration to trigger code execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:passfab:rar_password_recovery:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:passfab:rar_password_recovery:*:*:*:*:*:*:*:*range: <=9.3.2
    • (no CPE)range: =9.3.2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.