{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-1587","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2025-02-22T15:53:35.997Z","datePublished":"2025-02-23T15:00:08.136Z","dateUpdated":"2025-04-02T20:49:13.087Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2025-04-02T20:49:13.087Z"},"title":"SourceCodester Telecom Billing Management System Add New Record main.cpp addrecords buffer overflow","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-120","lang":"en","description":"Buffer Overflow"}]},{"descriptions":[{"type":"CWE","cweId":"CWE-119","lang":"en","description":"Memory Corruption"}]}],"affected":[{"vendor":"SourceCodester","product":"Telecom Billing Management System","versions":[{"version":"1.0","status":"affected"}],"modules":["Add New Record"]}],"descriptions":[{"lang":"en","value":"A vulnerability was found in SourceCodester Telecom Billing Management System 1.0. It has been rated as critical. This issue affects the function addrecords of the file main.cpp of the component Add New Record. The manipulation of the argument name/phonenumber leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well."},{"lang":"de","value":"Eine Schwachstelle wurde in SourceCodester Telecom Billing Management System 1.0 ausgemacht. Sie wurde als kritisch eingestuft. Dies betrifft die Funktion addrecords der Datei main.cpp der Komponente Add New Record. Durch das Manipulieren des Arguments name/phonenumber mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Umgesetzt werden muss der Angriff lokal. Der Exploit steht zur öffentlichen Verfügung."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":4.8,"vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N","baseSeverity":"MEDIUM"}},{"cvssV3_1":{"version":"3.1","baseScore":5.3,"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseSeverity":"MEDIUM"}},{"cvssV3_0":{"version":"3.0","baseScore":5.3,"vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseSeverity":"MEDIUM"}},{"cvssV2_0":{"version":"2.0","baseScore":4.3,"vectorString":"AV:L/AC:L/Au:S/C:P/I:P/A:P"}}],"timeline":[{"time":"2025-02-22T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2025-02-22T01:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2025-04-02T22:17:37.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"wsh2023 (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.296567","name":"VDB-296567 | SourceCodester Telecom Billing Management System Add New Record main.cpp addrecords buffer overflow","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.296567","name":"VDB-296567 | CTI Indicators (IOB, IOC, IOA)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.505363","name":"Submit #505363 | SourceCodester Telecom Billing Management System  V1.0 Buffer Overflow","tags":["third-party-advisory"]},{"url":"https://github.com/wshRE/CVE/issues/1","tags":["exploit","issue-tracking"]},{"url":"https://www.sourcecodester.com/","tags":["product"]}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-02-24T15:19:25.983486Z","id":"CVE-2025-1587","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-02-24T15:19:41.168Z"}}]}}