CVE-2025-1587

23.02.2025, 15:15

A vulnerability was found in SourceCodester Telecom Billing Management System 1.0. It has been rated as critical. This issue affects the function addrecords of the file main.cpp of the component Add New Record. The manipulation of the argument name/phonenumber leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Classic Buffer Overflow

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.3 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
VulDB	CNA	5.3 MEDIUM				CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 4%

Vendor	Product	Version
razormist	telecom_billing_management_system	1.0

𝑥

= Vulnerable software versions

Known Exploits!

https://github.com/wshRE/CVE/issues/1

Common Weakness Enumeration

References

https://github.com/wshRE/CVE/issues/1

https://vuldb.com/?ctiid.296567

https://vuldb.com/?id.296567

https://vuldb.com/?submit.505363

https://www.sourcecodester.com/