CVE-2025-1587

A vulnerability was found in SourceCodester Telecom Billing Management System 1.0. It has been rated as critical. This issue affects the function addrecords of the file main.cpp of the component Add New Record. The manipulation of the argument name/phonenumber leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

CVSS v3.0 7.8 HIGH

7.8^/10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/wshRE/CVE/issues/1	Exploit Issue Tracking Third Party Advisory
https://vuldb.com/?ctiid.296567	Permissions Required VDB Entry
https://vuldb.com/?id.296567	Third Party Advisory VDB Entry
https://vuldb.com/?submit.505363	Third Party Advisory VDB Entry
https://www.sourcecodester.com/	Product

Configurations

Configuration 1 (hide)

cpe:2.3:a:razormist:telecom_billing_management_system:1.0:*:*:*:*:*:*:*

History

14 May 2025, 21:17

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8
First Time		Razormist Razormist telecom Billing Management System
CWE		CWE-120
CPE		cpe:2.3:a:razormist:telecom_billing_management_system:1.0:::::::*
References	~~() https://vuldb.com/?id.296567 -~~	() https://vuldb.com/?id.296567 - Third Party Advisory, VDB Entry
References	~~() https://www.sourcecodester.com/ -~~	() https://www.sourcecodester.com/ - Product
References	~~() https://vuldb.com/?ctiid.296567 -~~	() https://vuldb.com/?ctiid.296567 - Permissions Required, VDB Entry
References	~~() https://vuldb.com/?submit.505363 -~~	() https://vuldb.com/?submit.505363 - Third Party Advisory, VDB Entry
References	~~() https://github.com/wshRE/CVE/issues/1 -~~	() https://github.com/wshRE/CVE/issues/1 - Exploit, Issue Tracking, Third Party Advisory

02 Apr 2025, 21:15

Type	Values Removed	Values Added
Summary	A vulnerability was found in SourceCodester Telecom Billing Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file main.cpp of the component Add New Record. The manipulation of the argument name leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.	A vulnerability was found in SourceCodester Telecom Billing Management System 1.0. It has been rated as critical. This issue affects the function addrecords of the file main.cpp of the component Add New Record. The manipulation of the argument name/phonenumber leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
CVSS	v2 : ~~unknown~~ v3 : ~~5.3~~	v2 : unknown v3 : unknown
References	~~() https://vuldb.com/?id.296567 -~~	() https://vuldb.com/?id.296567 -
CWE	CWE-120 CWE-119

23 Feb 2025, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-02-23 15:15

Updated : 2025-05-14 21:17

NVD link : CVE-2025-1587

Mitre link : CVE-2025-1587

JSON object : View

Products Affected

razormist

telecom_billing_management_system

CWE

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

7.8 /10