Plattform
windows
Komponente
networkactiv-web-server
Behoben in
4.0.1
CVE-2018-25235 describes a buffer overflow vulnerability affecting NetworkActiv Web Server versions 4.0 Pre-Alpha-3.7.2 and earlier. This flaw allows local attackers to crash the application by providing a username string that exceeds the allocated buffer size. The vulnerability impacts systems running NetworkActiv Web Server and can result in a denial-of-service condition.
The impact of CVE-2018-25235 is a denial of service. A successful exploit results in NetworkActiv Web Server crashing, preventing it from serving web content. As with the other vulnerabilities, this is a local vulnerability, requiring an attacker to have access to the system running the web server. The attack involves crafting a username string exceeding the expected buffer size within the Security options interface. While a simple DoS, this could be combined with other vulnerabilities to potentially escalate privileges or gain further control of the system. The blast radius is limited to the affected NetworkActiv Web Server instance.
CVE-2018-25235 is not currently listed on KEV or EPSS. The CVSS score of 6.2 (MEDIUM) indicates a moderate probability of exploitation. Public proof-of-concept (POC) code is not widely available, but the vulnerability is relatively straightforward to exploit. The vulnerability was published on 2026-03-30 by the NVD.
Systems running NetworkActiv Web Server versions 4.0 Pre-Alpha-3.7.2 and earlier are at risk. This includes environments where the web server is used for internal applications or services, particularly those with limited security controls or where local access is readily available.
• windows / supply-chain:
Get-Process -Name NetworkActiv | Select-Object ProcessId, CPU, WorkingSet• windows / supply-chain:
Get-WinEvent -LogName Application -FilterXPath "*[System[Provider[@Name='NetworkActiv Web Server']]]" | Select-Object TimeCreated, ID, MessageExploit-Status
EPSS
0.01% (3% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation for CVE-2018-25235 is to upgrade to a patched version of NetworkActiv Web Server. If upgrading is not immediately feasible, restrict user access to the Security options interface to prevent malicious modification of the username field. A Web Application Firewall (WAF) is unlikely to be effective in this scenario due to the local nature of the vulnerability. Monitoring system logs for unusual process terminations related to NetworkActiv Web Server could provide early detection. There are no specific Sigma or YARA rules available for this vulnerability, but monitoring for crashes related to excessive username lengths could be a useful indicator. After upgrading, confirm the fix by attempting to set an excessively long username; the application should not crash.
Actualizar a una versión parcheada del software NetworkActiv Web Server. Contacte al proveedor para obtener la última versión o una solución alternativa.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2018-25235 is a buffer overflow vulnerability in NetworkActiv Web Server versions 4.0 Pre-Alpha-3.7.2 and earlier. It allows local attackers to crash the application via a long username string, leading to a denial-of-service.
You are affected if you are running NetworkActiv Web Server version 4.0 Pre-Alpha-3.7.2 or an earlier version. Check your installed version against the affected range.
Upgrade to a patched version of NetworkActiv Web Server. Unfortunately, a specific patched version is not provided in the CVE details. Input validation on the username field is a temporary workaround.
There is currently no indication of active exploitation of CVE-2018-25235.
Refer to the CVE details for links to relevant vendor advisories and security information.
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.