top of page
perceptive_background_267k.jpg

Arm Whois 3.11 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by supplying oversized input to the I…

Published:

31 May 2026 at 22:00:00

Alert date:

1 June 2026 at 23:04:16

Source:

nvd.nist.gov

Click to open the original link from this advisory

Network Infrastructure

Arm Whois version 3.11 contains a critical stack-based buffer overflow vulnerability (CVE-2018-25427) that allows remote attackers to execute arbitrary code. The vulnerability exists in the IP address or domain field input processing. Attackers can exploit this by providing malicious input exceeding 658 bytes containing shellcode. The exploit overwrites the structured exception handler (SEH) to gain command execution. This represents a high-severity remote code execution vulnerability in the network utility application.

Technical details

Mitigation steps:

Affected products:

Arm Whois 3.11

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2018-25427
http://www.armcode.com/
http://www.armcode.com/downloads/arm-whois.exe
https://www.exploit-db.com/exploits/45796
https://www.vulncheck.com/advisories/arm-whois-buffer-overflow-via-seh-overwrite

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page