CVE-2018-25275
Buffer Overflow in Faleemi Plus 1.0.2 Causes Application Crash
Publication date: 2026-04-26
Last updated on: 2026-04-26
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| faleemi | plus | 1.0.2 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2018-25275 is a buffer overflow vulnerability in Faleemi Plus version 1.0.2. It allows local attackers to crash the application by providing oversized input strings. Specifically, attackers can paste a 2000-byte payload into the Camera name and DID number fields during the process of adding a camera, which triggers the application to crash.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability in Faleemi Plus 1.0.2 is a local buffer overflow that allows attackers to crash the application by supplying oversized input strings. This results in an availability impact (application crash) but does not affect confidentiality or integrity.
Since the vulnerability does not lead to unauthorized access, data leakage, or data modification, it has limited direct impact on compliance with data protection standards such as GDPR or HIPAA, which primarily focus on protecting confidentiality and integrity of personal and health data.
However, the denial of service caused by the crash could affect system availability, which may be a consideration under some regulatory frameworks that require systems to be reliable and available.
How can this vulnerability impact me? :
This vulnerability can impact you by causing the Faleemi Plus application to crash when an attacker supplies oversized input strings. This denial of service could disrupt normal operations of the application, potentially leading to downtime or loss of availability.