CVE-2019-25583
Denial of Service via Buffer Overflow in RarmaRadio Username Field
Publication date: 2026-03-22
Last updated on: 2026-03-24
Assigner: VulnCheck
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| raimersoft | rarmaradio | 2.72.3 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1282 | Immutable data, such as a first-stage bootloader, device identifiers, and "write-once" configuration settings are stored in writable memory that can be re-programmed or updated in the field. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2019-25583 is a denial of service vulnerability in RarmaRadio version 2.72.3. It occurs because the application does not properly handle excessively long input in the Username field under Settings > Network.
A local attacker can exploit this by pasting a buffer of 5000 bytes into the Username field, which causes the application to crash.
How can this vulnerability impact me?
This vulnerability can cause the RarmaRadio application to crash, resulting in a denial of service condition.
Since the attack requires local access and no privileges or user interaction, an attacker with local access can disrupt the availability of the application.
The impact is limited to availability, with no direct impact on confidentiality or integrity.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to reproduce the denial of service condition locally on the affected system running RarmaRadio 2.72.3. Specifically, you can create a text file containing 5000 'A' characters and then paste this content into the Username field under Settings > Network in the application. If the application crashes upon confirming the input, the vulnerability is present.
There are no specific network detection commands since this is a local vulnerability triggered via the application's GUI. Detection involves manual testing rather than network scanning.
- Create a file named rarma_user.txt containing 5000 'A' characters (e.g., using a command like `python -c "print('A'*5000)" > rarma_user.txt`).
- Open the file, copy its contents to the clipboard.
- Open RarmaRadio, navigate to Settings > Network, paste the clipboard content into the Username field, and click OK.
If the application crashes, the vulnerability is confirmed. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability immediately, avoid entering or pasting excessively long input (such as 5000 bytes) into the Username field in RarmaRadio's Settings > Network.
Restrict local access to the application to trusted users only, as the vulnerability requires local interaction.
Monitor for application crashes and avoid using the vulnerable version 2.72.3 of RarmaRadio until a patched version is available.
Consider contacting the vendor or checking their website for updates or patches that address this denial of service vulnerability. [1, 2]