Critical severity9.8NVD Advisory· Published Apr 3, 2026· Updated Apr 7, 2026
CVE-2018-25237
CVE-2018-25237
Description
Hirschmann HiSecOS devices versions prior to 05.3.03 contain a buffer overflow vulnerability in the HTTPS login interface when RADIUS authentication is enabled that allows remote attackers to crash the device or execute arbitrary code by submitting a password longer than 128 characters. Attackers can exploit improper bounds checking in password handling to overflow a fixed-size buffer and achieve denial of service or remote code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <05.3.03
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.