CVE-2018-25224
Published: 28 March 2026
Summary
CVE-2018-25224 is a high-severity Missing Authentication for Critical Function (CWE-306) vulnerability in Kimtore Practical Music Search. Its CVSS base score is 8.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 8.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2018-25224 is a stack-based buffer overflow vulnerability in PMS version 0.42. The flaw occurs during parsing of the configuration file, where attackers can supply oversized input to overflow the stack buffer, enabling arbitrary code execution through return-oriented programming (ROP) gadgets. It is classified under CWE-306 and carries a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Local unauthenticated attackers can exploit this vulnerability by crafting and supplying malicious configuration files to the affected PMS instance. Successful exploitation allows execution of arbitrary shell commands, granting high-impact confidentiality, integrity, and availability effects without requiring privileges or user interaction.
Advisories and references, including the PMS project site at https://pms.sourceforge.net, an Exploit-DB entry at https://www.exploit-db.com/exploits/44426, and a VulnCheck advisory at https://www.vulncheck.com/advisories/pms-stack-based-buffer-overflow-via-configuration-file, document the issue and provide further details on exploitation and potential mitigations. A public proof-of-concept exploit is available via Exploit-DB.
The vulnerability was published on 2026-03-28, with a confirmed exploit demonstrating practical exploitability.
OWASP Top 10 for Web (2025)
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2018-21706
Vulnerability details
PMS 0.42 contains a stack-based buffer overflow vulnerability that allows local unauthenticated attackers to execute arbitrary code by supplying malicious values in the configuration file. Attackers can craft configuration files with oversized input that overflows the stack buffer and execute…
more
shell commands via return-oriented programming gadgets.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Local stack buffer overflow in config parsing directly enables client-side exploitation for arbitrary code execution (T1203) and Unix shell command execution via ROP (T1059.004).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Requires validation of configuration file inputs to detect and reject oversized or malformed data that could trigger the stack buffer overflow.
Implements memory protections such as non-executable stacks and address space randomization to block exploitation of the buffer overflow via ROP gadgets for arbitrary code execution.
Mandates timely identification, reporting, and remediation of the specific stack-based buffer overflow flaw in PMS configuration parsing.