Primary

Context

Cmder Console Emulator Buffer Overflow Vulnerability Leading to Denial-of-Service

Vulnerability

A buffer overflow vulnerability has been identified in Cmder Console Emulator version 1.3.18. This vulnerability allows attackers to create a malicious .cmd file that, when executed, overflows the application's buffer and causes it to crash, leading to a denial-of-service condition.

Impact

Exploitation of this vulnerability causes a denial-of-service condition by crashing the Cmder application.

Reproduction

To reproduce this vulnerability, create a .cmd file and write a payload consisting of repeated characters to overwhelm the buffer. Once the file is crafted, execute it using Cmder. The application will crash, demonstrating the denial-of-service condition.

Added: Jan 15, 2026, 4:28 PM

Updated: Jan 15, 2026, 4:28 PM

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

0.6

exploitability

5.6

remediation

0.0

relevance

2.0

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

0.6

exploitability

5.6

remediation

0.0

relevance

2.0

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Cmder Console Emulator Buffer Overflow Vulnerability Leading to Denial-of-Service

Vulnerability

Impact

Reproduction

Affected Products

Cmder

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating