What is CVE-2018-25237?

CVE-2018-25237 is a critical-severity vulnerability in Belden Hirschmann Hisecos Classic Firewall (Eagle, Eagle One), classified under Buffer Copy without Checking Size of Input (Classic Buffer Overflow). CVSS score: 9.8/10. Published 2026-04-03.

How severe is CVE-2018-25237?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Buffer overflow in Belden Hirschmann Hisecos Classic Firewall (Eagle, Eagle One)

CVE-2018-25237

Hirschmann HiSecOS devices versions prior to 05.3.03 contain a buffer overflow vulnerability in the HTTPS login interface when RADIUS authentication is enabled that allows remote attackers to crash the device or execute arbitrary code by s…

Vulnerability class: Buffer Overflow

EPSS: 0.001 (27.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Belden Hirschmann Hisecos Classic Firewall (Eagle, Eagle One) — versions 05.3.03, 0

Weakness classification (CWE)

CWE-120 — Buffer Copy without Checking Size of Input (Classic Buffer Overflow)

References

assets.belden.com/m/2d5657b3e5d721c6/original/Security-Bulletin-RADIUS-Authenti… (vendor-advisory)
www.vulncheck.com/advisories/hirschmann-hisecos-buffer-overflow-via-https-login (third-party-advisory)

Frequently asked questions

What is CVE-2018-25237?: CVE-2018-25237 is a critical-severity vulnerability in Belden Hirschmann Hisecos Classic Firewall (Eagle, Eagle One), classified under Buffer Copy without Checking Size of Input (Classic Buffer Overflow). CVSS score: 9.8/10. Published 2026-04-03.
How severe is CVE-2018-25237?: Critical severity. CVSS v3 base score is 9.8 out of 10.