CVE-2018-25259
Received Received - Intake
Stack-Based Buffer Overflow in Terminal Services Manager 3.1 Enables Code Execution

Publication date: 2026-04-22

Last updated on: 2026-04-29

Assigner: VulnCheck

Description
Terminal Services Manager 3.1 contains a stack-based buffer overflow vulnerability in the computer names field that allows local attackers to execute arbitrary code by triggering structured exception handling. Attackers can craft a malicious input file with shellcode and jump instructions that overwrite the SEH handler pointer to execute calc.exe or other payloads when imported through the add computers wizard.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-22
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2026-04-22
EPSS Evaluated
2026-06-15
NVD
CVE-2018-25259
EUVD
EUVD-2018-21772
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
lizardsystems terminal_services_manager to 3.1 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Detection Guidance

Detection of this vulnerability involves identifying if Terminal Services Manager version 3.1 or earlier is in use and whether malicious input files have been imported through the "add computers" wizard.

Since the exploit requires a crafted input file with shellcode targeting the computer names field, monitoring for unusual or malformed input files imported into the application can help detect exploitation attempts.

No specific commands are provided in the available resources to detect this vulnerability directly.

Executive Summary

Terminal Services Manager 3.1 has a stack-based buffer overflow vulnerability in the computer names field. This flaw allows local attackers to execute arbitrary code by exploiting structured exception handling (SEH). Specifically, attackers can create a malicious input file containing shellcode and jump instructions that overwrite the SEH handler pointer. When this file is imported through the add computers wizard, the attacker’s code, such as calc.exe or other payloads, can be executed.

Impact Analysis

This vulnerability can allow a local attacker to execute arbitrary code on the affected system with potentially high impact. Because the attacker can run code of their choice, this may lead to unauthorized actions such as running malicious programs, gaining elevated privileges, or compromising system integrity and availability.

Mitigation Strategies

Immediate mitigation steps include preventing the import of untrusted or suspicious input files through the "add computers" wizard in Terminal Services Manager.

Since the vulnerability allows local attackers to execute arbitrary code without privileges or user interaction, restricting local access to the affected application and ensuring only trusted users can operate it is important.

Applying any available patches or updates from the vendor to fix the buffer overflow vulnerability is recommended.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2018-25259. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart