Vulners
Lucene search
XiongMai uc-httpd 1.0.0 - Buffer Overflow
๐๏ธย 22 Jun 2026ย 05:20:07Reported byย ProjectDiscoveryTypeย 
ย nuclei๐ย github.com๐ย 25ย Views
| Reporter | Title | Published | Views | Family All 20 |
|---|---|---|---|---|
 | XiongMai uc-httpd 1.0.0 - Buffer Overflow Exploit | 9 Jun 201800:00 | โ | zdt |
 | Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Xiongmaitech Ahb7008F8-H_Firmware | 13 Apr 201807:43 | โ | githubexploit |
 | CVE-2018-10088 | 8 Jun 201800:00 | โ | attackerkb |
 | CVE-2018-10088 | 18 Jun 201809:04 | โ | circl |
 | XiongMai uc-httpd Buffer Overflow Vulnerability | 12 Jun 201800:00 | โ | cnvd |
 | XiongMai uc-httpd Buffer Overflow (CVE-2018-10088) | 29 Jul 201800:00 | โ | checkpoint_advisories |
 | CVE-2018-10088 | 8 Jun 201812:00 | โ | cve |
 | CVE-2018-10088 | 8 Jun 201812:00 | โ | cvelist |
 | XiongMai uc-httpd 1.0.0 - Buffer Overflow | 8 Jun 201800:00 | โ | exploitdb |
 | XiongMai uc-httpd 1.0.0 - Buffer Overflow | 8 Jun 201800:00 | โ | exploitpack |
10
id: CVE-2018-10088
info:
name: XiongMai uc-httpd 1.0.0 - Buffer Overflow
author: 0x_Akoko
severity: critical
description: |
Buffer overflow in XiongMai uc-httpd 1.0.0 has unspecified impact and attack vectors, a different vulnerability than CVE-2017-16725.
impact: |
Potential for remote code execution or denial of service when successfully exploited.
remediation: |
Update to the latest version of uc-httpd or apply security patches provided by the vendor.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2018-10088
- https://www.exploit-db.com/exploits/44864
- https://github.com/bitfu/uc-httpd-1.0.0-buffer-overflow-exploit
- https://github.com/KostasEreksonas/Besder-6024PB-XMA501-ip-camera-security-investigation
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2018-10088
cwe-id: CWE-119
epss-score: 0.40386
epss-percentile: 0.98461
cpe: cpe:2.3:a:xiongmaitech:uc-httpd:1.0.0:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: xiongmaitech
product: uc-httpd
shodan-query: cpe:"cpe:2.3:a:xiongmaitech:uc-httpd"
tags: cve,cve2018,xiongmai,buffer-overflow,rce,passive,vkev,vuln
http:
- method: GET
path:
- "{{BaseURL}}"
matchers:
- type: dsl
dsl:
- "status_code == 200"
- "contains(tolower(header), 'uc-httpd')"
- "compare_versions(version, '<= 1.0.0')"
condition: and
extractors:
- type: regex
name: version
part: header
group: 1
regex:
- '(?i)Server:\s*uc-httpd[/\s]+([0-9]+\.[0-9]+\.[0-9]+)'
internal: true
- type: dsl
dsl:
- 'version'
# digest: 4b0a00483046022100d053588ec12671fb3aec75351bced26100eee491df2a4ed69d8848dfde2b3089022100bfe1b68140ce91cd1e7c0ee69b810d9e78f4df2527fa733a4b7427af6695cae7:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation withย Vulners data
Weย provide theย essential building blocks forย cybersecurity solutions withย comprehensive, structured, andย constantly updated vulnerability andย exploits data
Api
Power your application withย Vulners API
The Vulners REST API offers reliable, high-performance access toย vulnerabilityย intelligence, withย 99.9%ย SLAย uptime andย CDN-backed data delivery forย seamlessย global access
App
Assess and manage vulnerabilities withย Vulnersย tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
04 Feb 2026 07:00Current
7.3High risk
Vulners AI Score7.3
CVSS 39.8
CVSS 210
EPSS0.40386