CVE-2018-25296

MEDIUM 5.5

P10 Central Management Software 1.4.13 Denial of Service

CVSS Score

5.5

EPSS Score

0.0%

EPSS Percentile

0th

P10 Central Management Software 1.4.13 contains a buffer overflow vulnerability in the login password field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a 2000-byte payload into the password field and click login to trigger an application crash and denial of service.

CWE	CWE-120
Vendor	p10
Product	central management software
Published	Apr 26, 2026

Stay Ahead of the Next One

Get instant alerts for p10 central management software

Be the first to know when new medium vulnerabilities affecting p10 central management software are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Affected Versions

P10 / Central Management Software

1.4.13

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/45207 ambientweather.com: https://www.ambientweather.com vulncheck.com: https://www.vulncheck.com/advisories/p10-central-management-software-denial-of-service

Credits

Gionathan "John" Reale