CVE-2018-10088
published 2018-06-08

CVE-2018-10088: Buffer overflow in XiongMai uc-httpd 1.0.0 has unspecified impact and attack vectors, a different vulnerability than CVE-2017-16725.

Priority: P180 | critical | 9.8 (CVSS 3.0)
AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
ITW | EXPLOIT | VulnCheck KEV
Exploited in the wild
EPSS: 40.39% (98.5th percentile)

Affected

3 ranges
Vendor | Product | Version range | Fixed in
xiongmaitech | mbd6304t_firmware | |
xiongmaitech | nbd6808t-pl_firmware | |
xiongmaitech | uc-httpd | |

Detection & IOCs (extracted from sources)

url: /login.htm
command: POST /login.htm HTTP/1.1 command=login&username=AAAA...&password=PoC
other: Server: uc-httpd/1.0.0
  • Detect exploitation attempts by matching HTTP POST requests to /login.htm with an oversized 'username' parameter (85+ 'A' characters) on TCP port 81, targeting XiongMai uc-httpd devices.
  • Identify vulnerable XiongMai uc-httpd 1.0.0 hosts by checking for the 'uc-httpd' string in the HTTP Server response header, version <= 1.0.0.
  • Use Shodan query cpe:"cpe:2.3:a:xiongmaitech:uc-httpd" to enumerate internet-exposed vulnerable devices.
  • The overflow is triggered via an 85-byte 'A' pattern in the username POST parameter; monitor for abnormally long username fields in POST requests to /login.htm.
  • The exploit proof-of-concept targets TCP port 81 specifically, as tested on KKMoon DVR hardware; the actual deployment port may vary across Xiongmai device models.
  • CVE-2018-10088 has unspecified impact and attack vectors per NVD; the exploit-db PoC demonstrates a crash/DoS condition, but full RCE has not been publicly confirmed for this specific CVE.
  • This CVE is distinct from CVE-2017-16725 and CVE-2022-45460, though all three affect Xiongmai HTTP server components; detection rules should not conflate them.

CVSS provenance

nvd | v3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd | v2.0 | 10.0 | CRITICAL | AV:N/AC:L/Au:N/C:C/I:C/A:C
vulncheck | 9.8 | CRITICAL