{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2016-20045", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-03-28T11:38:52.207Z", "datePublished": "2026-03-28T11:58:06.173Z", "dateUpdated": "2026-03-28T11:58:06.173Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-28T11:58:06.173Z"}, "title": "HNB Organizer 1.9.18-10 Local Buffer Overflow via -rc Parameter", "descriptions": [{"lang": "en", "value": "HNB Organizer 1.9.18-10 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -rc command-line parameter. Attackers can craft a malicious input string exceeding 108 bytes containing shellcode and a return address to overwrite the stack and achieve code execution."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Out-of-bounds Write", "cweId": "CWE-787", "type": "CWE"}]}], "affected": [{"vendor": "hnb", "product": "HNB", "versions": [{"version": "1.9.18-10", "status": "affected"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 8.6, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.exploit-db.com/exploits/40025", "name": "ExploitDB-40025", "tags": ["exploit"]}, {"url": "http://hnb.sourceforge.net/", "name": "Official Product Homepage", "tags": ["product"]}, {"name": "VulnCheck Advisory: HNB Organizer 1.9.18-10 Local Buffer Overflow via -rc Parameter", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/hnb-organizer-10-local-buffer-overflow-via-rc-parameter"}], "credits": [{"lang": "en", "value": "Juan Sacco - http://www.exploitpack.com - [email protected]", "type": "finder"}], "x_generator": {"engine": "vulncheck"}, "datePublic": "2016-06-27T00:00:00.000Z"}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "HNB Organizer 1.9.18-10 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -rc command-line parameter. Attackers can craft a malicious input string exceeding 108 bytes containing shellcode and a return address to overwrite the stack and achieve code execution."}], "id": "CVE-2016-20045", "lastModified": "2026-03-28T12:16:00.630", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.9, "source": "[email protected]", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "[email protected]", "type": "Secondary"}]}, "published": "2026-03-28T12:16:00.630", "references": [{"source": "[email protected]", "url": "http://hnb.sourceforge.net/"}, {"source": "[email protected]", "url": "https://www.exploit-db.com/exploits/40025"}, {"source": "[email protected]", "url": "https://www.vulncheck.com/advisories/hnb-organizer-10-local-buffer-overflow-via-rc-parameter"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "[email protected]", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.9.18-10"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "HNB", "source": "cna", "vendor": "hnb"}, "product": "hnb", "vendor": "hnb"}], "analysis": {"en": {"generated_at": "2026-03-28T13:52:14.315999+00:00", "value": {"mitigation_remediation": ["Upgrade HNB Organizer to a version newer than 1.9.18\u201110 if such a release exists.", "If no update is available, restrict execution of HNB Organizer to trusted users only and avoid passing untrusted input via the \u2013rc option.", "Consider disabling or removing the \u2013rc feature in shared or multi\u2011user environments.", "Monitor logs for abnormal crashes or execution failures that may indicate an attempted exploit."], "summary": {"action": "Immediate patch", "impact": "Local code execution via buffer overflow"}, "threat_synthesis": {"affected_systems": "This flaw affects HNB Organizer version 1.9.18\u201110. No other releases are listed as vulnerable in the available advisory. The vendor name is HNB.", "description_and_impact": "The vulnerability is a buffer overflow in the \u2013rc command\u2011line option of HNB Organizer 1.9.18\u201110. By providing an argument longer than 108 bytes, a local user can inject shellcode and an overwritten return address onto the stack, causing the program to execute arbitrary instructions with the privileges of the user running the application.", "risk_and_exploitability": "With a CVSS score of 8.6 the vulnerability is high severity, but it requires local access and the ability to supply a crafted command\u2011line argument. No EPSS score is provided and the vulnerability does not appear in CISA\u2019s KEV catalog, indicating limited publicly known exploitation. Attacks would be confined to systems where an unauthorized local user can run or influence HNB Organizer, so the attack vector is purely local."}}}}, "created": "2026-03-29T20:32:26.227193+00:00", "updated": "2026-03-30T06:59:20.410002+00:00", "vendors": ["hnb", "hnb$PRODUCT$hnb"]}