Skip to content
CVSS 8.4 · HIGH

CVE-2018-25283

iSmartViewPro 1.5 contains a structured exception handling (SEH) buffer overflow vulnerability in the 'Save Path for Snapshot and Record file' field that allows local attackers to execute arbitrary code. Attackers can input a crafted payload exceeding 260 bytes through the System Setup interface to overwrite SEH records and execute shellcode with application privileges.

View on NVD

Analysis

iSmartViewPro is a niche IP camera viewing application not commonly used in software development or server infrastructure. The vulnerability is local and requires an attacker to have access to the configuration interface, which makes it less relevant for the community feed.

Severity

Score: 8.4(HIGH)
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AV: LOCAL
AC: LOW
PR: NONE
UI: NONE
S: UNCHANGED
C: HIGH
I: HIGH
A: HIGH
Weakness (CWE): CWE-120

EPSS

Probability of exploitation (next 30 days): 0.0002 (0.0%)
Percentile: 4.4%
EPSS: 2026-05-06

Technical description

iSmartViewPro 1.5 contains a structured exception handling (SEH) buffer overflow vulnerability in the 'Save Path for Snapshot and Record file' field that allows local attackers to execute arbitrary code. Attackers can input a crafted payload exceeding 260 bytes through the System Setup interface to overwrite SEH records and execute shellcode with application privileges.

Published: 4/26/2026, 10:17:29 PM
Last modified: 4/27/2026, 6:55:32 PM

References

HomeEventsBlogResourcesTeam