CVE-2018-25216

AnyBurn 4.3 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the image file name field. Attackers can paste a 10000-byte payload into the 'Image file name' parameter during the 'Copy disk to Image' operation to trigger a denial of service condition.

CVSS v3 6.2 MEDIUM

6.2^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.5 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
http://www.anyburn.com/	Product
https://www.exploit-db.com/exploits/46002	Exploit VDB Entry
https://www.vulncheck.com/advisories/anyburn-denial-of-service-local-buffer-overflow	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:powersoftware:anyburn:4.3:*:*:*:*:*:*:*

History

27 Mar 2026, 18:17

Type	Values Removed	Values Added
References	~~() http://www.anyburn.com/ -~~	() http://www.anyburn.com/ - Product
References	~~() https://www.exploit-db.com/exploits/46002 -~~	() https://www.exploit-db.com/exploits/46002 - Exploit, VDB Entry
References	~~() https://www.vulncheck.com/advisories/anyburn-denial-of-service-local-buffer-overflow -~~	() https://www.vulncheck.com/advisories/anyburn-denial-of-service-local-buffer-overflow - Third Party Advisory
Summary		(es) AnyBurn 4.3 contiene una vulnerabilidad local de desbordamiento de búfer que permite a atacantes locales bloquear la aplicación al proporcionar una cadena excesivamente larga en el campo del nombre del archivo de imagen. Los atacantes pueden pegar una carga útil de 10000 bytes en el parámetro 'Image file name' durante la operación 'Copy disk to Image' para desencadenar una condición de denegación de servicio.
CPE		cpe:2.3:a:powersoftware:anyburn:4.3:::::::*
First Time		Powersoftware anyburn Powersoftware

26 Mar 2026, 14:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-26 14:16

Updated : 2026-03-27 18:17

NVD link : CVE-2018-25216

Mitre link : CVE-2018-25216

CVE.ORG link : CVE-2018-25216

JSON object : View

Products Affected

powersoftware

anyburn

CWE

CWE-787

Out-of-bounds Write

{"id": "CVE-2018-25216", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.5}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}], "cvssMetricV40": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-03-26T14:16:05.507", "references": [{"url": "http://www.anyburn.com/", "tags": ["Product"], "source": "disclosure@vulncheck.com"}, {"url": "https://www.exploit-db.com/exploits/46002", "tags": ["Exploit", "VDB Entry"], "source": "disclosure@vulncheck.com"}, {"url": "https://www.vulncheck.com/advisories/anyburn-denial-of-service-local-buffer-overflow", "tags": ["Third Party Advisory"], "source": "disclosure@vulncheck.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "disclosure@vulncheck.com", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "AnyBurn 4.3 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the image file name field. Attackers can paste a 10000-byte payload into the 'Image file name' parameter during the 'Copy disk to Image' operation to trigger a denial of service condition."}, {"lang": "es", "value": "AnyBurn 4.3 contiene una vulnerabilidad local de desbordamiento de b\u00fafer que permite a atacantes locales bloquear la aplicaci\u00f3n al proporcionar una cadena excesivamente larga en el campo del nombre del archivo de imagen. Los atacantes pueden pegar una carga \u00fatil de 10000 bytes en el par\u00e1metro 'Image file name' durante la operaci\u00f3n 'Copy disk to Image' para desencadenar una condici\u00f3n de denegaci\u00f3n de servicio."}], "lastModified": "2026-03-27T18:17:14.090", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:powersoftware:anyburn:4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4F52E00-1BD2-4AE7-B4B9-6ADF0138DBF4"}], "operator": "OR"}]}], "sourceIdentifier": "disclosure@vulncheck.com"}