{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T16:37:11.390","vulnerabilities":[{"cve":{"id":"CVE-2012-10058","sourceIdentifier":"disclosure@vulncheck.com","published":"2025-08-13T21:15:30.290","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[{"sourceIdentifier":"disclosure@vulncheck.com","tags":["unsupported-when-assigned"]}],"descriptions":[{"lang":"en","value":"RabidHamster R4 v1.25 contains a stack-based buffer overflow vulnerability due to unsafe use of sprintf() when logging malformed HTTP requests. A remote attacker can exploit this flaw by sending a specially crafted URI, resulting in arbitrary code execution under the context of the web server process."},{"lang":"es","value":"RabidHamster R4 v1.25 contiene una vulnerabilidad de desbordamiento de búfer en la pila debido al uso inseguro de sprintf() al registrar solicitudes HTTP malformadas. Un atacante remoto puede explotar esta vulnerabilidad enviando una URI especialmente manipulada, lo que provoca la ejecución de código arbitrario en el contexto del proceso del servidor web."}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"references":[{"url":"http://aluigi.altervista.org/adv/r4_1-adv.txt","source":"disclosure@vulncheck.com"},{"url":"https://advisories.checkpoint.com/defense/advisories/public/2013/cpai-07-jan405.html","source":"disclosure@vulncheck.com"},{"url":"https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/rabidhamster_r4_log.rb","source":"disclosure@vulncheck.com"},{"url":"https://www.exploit-db.com/exploits/18929","source":"disclosure@vulncheck.com"},{"url":"https://www.rabidhamster.org/R4/download.php","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/rabidhamster-r4-log-entry-buffer-overflow","source":"disclosure@vulncheck.com"},{"url":"https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/rabidhamster_r4_log.rb","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}}]}