High severity8.4NVD Advisory· Published Mar 28, 2026· Updated Apr 8, 2026
CVE-2018-25225
CVE-2018-25225
Description
SIPP 3.3 contains a stack-based buffer overflow vulnerability that allows local unauthenticated attackers to execute arbitrary code by supplying malicious input in the configuration file. Attackers can craft a configuration file with oversized values that overflow a stack buffer, overwriting the return address and executing arbitrary code through return-oriented programming gadgets.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- www.exploit-db.com/exploits/45288nvdExploitVDB Entry
- www.vulncheck.com/advisories/sipp-stack-based-buffer-overflow-via-configuration-filenvdThird Party Advisory
- sipp.sourceforge.netnvdProduct
News mentions
0No linked articles in our index yet.