CVE-2018-25265

Exploit

EPSS 0.21%
Veröffentlicht 22.04.2026 14:57:00
Zuletzt bearbeitet 27.04.2026 17:28:49
Quelle disclosure@vulncheck.com
CVE-Watchlists
Login
Unerledigt
Login

LanSpy 2.0.1.159 Local Buffer Overflow

LanSpy 2.0.1.159 contains a local buffer overflow vulnerability in the scan section that allows local attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attackers can craft malicious payloads using egghunter techniques to locate and execute shellcode, triggering code execution through SEH chain manipulation and controlled jumps.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 6

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Lizardsystems ≫ Lanspy Version <= 2.0.1.159

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.21%	0.105

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
disclosure@vulncheck.com	8.6	0	0	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
disclosure@vulncheck.com	8.4	2.5	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://lizardsystems.com

Product

https://www.exploit-db.com/exploits/46018

Exploit

VDB Entry

https://www.vulncheck.com/advisories/lanspy-local-buffer-overflow

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-25265

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-25265

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-25265

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2018-25265