What is CVE-2012-10058?

CVE-2012-10058 is a vulnerability in Rabidhamster R4 Embedded Server, classified under Stack-based Buffer Overflow. Published 2025-08-13.

Is CVE-2012-10058 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Rabidhamster R4 Embedded Server

CVE-2012-10058

RabidHamster R4 v1.25 contains a stack-based buffer overflow vulnerability due to unsafe use of sprintf() when logging malformed HTTP requests. A remote attacker can exploit this flaw by sending a specially crafted URI, resulting in arbitr…

Vulnerability class: Buffer Overflow

EPSS: 0.586 (98.2th percentile) — read the EPSS interpretation.

Affected products

Rabidhamster R4 Embedded Server — versions 1.25

Weakness classification (CWE)

CWE-121 — Stack-based Buffer Overflow

Public proof-of-concept exploits

rapid7/metasploit-framework

References

raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/w… (exploit)
www.exploit-db.com/exploits/18929 (exploit)
aluigi.altervista.org/adv/r4_1-adv.txt (technical-description, exploit)
advisories.checkpoint.com/defense/advisories/public/2013/cpai-07-jan405.html (third-party-advisory)
www.rabidhamster.org/R4/download.php (product)
www.vulncheck.com/advisories/rabidhamster-r4-log-entry-buffer-overflow (third-party-advisory)

Frequently asked questions

What is CVE-2012-10058?: CVE-2012-10058 is a vulnerability in Rabidhamster R4 Embedded Server, classified under Stack-based Buffer Overflow. Published 2025-08-13.
Is CVE-2012-10058 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.