EUVD-2018-18691

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Uninitialized stack variable in nxfuse of DokanFS allows privilege escalation on Windows 7 and crashes on 8 and 10

Reporter	Title	Published	Views	Family All 10
0day.today	NoMachine x86 < 6.0.80 - nxfuse Privilege Escalation Exploit	22 Feb 201800:00	–	zdt
0day.today	NoMachine x64 < 6.0.80 - nxfuse Privilege Escalation Exploit	22 Feb 201800:00	–	zdt
Circl	CVE-2018-6947	23 Feb 201820:10	–	circl
CNVD	NoMachine 'nxfuse' elevation of privilege vulnerability	2 Mar 201800:00	–	cnvd
CVE	CVE-2018-6947	28 Feb 201822:00	–	cve
Cvelist	CVE-2018-6947	28 Feb 201822:00	–	cvelist
NVD	CVE-2018-6947	28 Feb 201822:29	–	nvd
OSV	CVE-2018-6947	28 Feb 201822:29	–	osv
Packet Storm	NoMachine nxfuse Privilege Escalation	23 Feb 201800:00	–	packetstorm
Prion	Code injection	28 Feb 201822:29	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "145e40b7-4ba2-3999-9365-5689d7a23d94",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "16135c96-ae60-3b81-a6b1-08626b81159b",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/cve/CVE-2018-6947
fidusinfosec	www.fidusinfosec.com/nomachine-road-code-execution-without-fuzzing-cve-2018-6947/
exploit-db	www.exploit-db.com/exploits/44168/
nomachine	www.nomachine.com/SU02P00194
exploit-db	www.exploit-db.com/exploits/44167/
nomachine	www.nomachine.com/SU02P00195
nomachine	www.nomachine.com/TR02P08408
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

7.7High risk

Vulners AI Score7.7

CVSS 37.8

CVSS 27.2

EPSS0.01768