10-Strike Network Inventory Explorer
0 remedies
cpe:2.3:a:10-strike:network_inventory_explorer:*:*:*:*:*:*:*
0 remedies
- <= 8.54
10-Strike Network Inventory Explorer Stack-Based Buffer Overflow Vulnerability Allowing Arbitrary Code Execution
Vulnerability
A stack-based buffer overflow vulnerability has been identified in 10-Strike Network Inventory Explorer version 8.54. The issue resides in the registration key input field, where local attackers can execute arbitrary code by overwriting the structured exception handler. Exploitation involves crafting a malicious registration key string that includes 4188 bytes of padding followed by values targeting the SEH chain and shellcode. This crafted string can be pasted into the registration dialog, leading to code execution with the privileges of the application.
Impact
Exploitation of this vulnerability allows for arbitrary code execution with application privileges.
Reproduction
To reproduce this vulnerability, open the registration key input dialog. Paste a crafted string that includes 4188 bytes of padding, followed by the SEH chain overwrite values and the shellcode payload. Once the malicious string is pasted, click 'OK' to trigger the buffer overflow and execute the injected code.
Added: May 26, 2026, 9:19 PM
Updated: May 26, 2026, 9:19 PM
Vulnerability Rating
Custom Algorithm
spread
0.0impact
7.5exploitability
4.0remediation
0.0relevance
8.7threat
6.4urgency
2.9incentive
0.0Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.