CVE-2018-25268

HIGH 8.4

LanSpy 2.0.1.159 Local Buffer Overflow via Scan Field

CVSS Score

8.4

EPSS Score

0.0%

EPSS Percentile

0th

LanSpy 2.0.1.159 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying oversized input to the scan field. Attackers can craft a payload with 688 bytes of padding followed by 4 bytes of controlled data to crash the application or potentially achieve code execution.

CWE	CWE-787
Vendor	lizardsystems
Product	lanspy
Published	Apr 22, 2026
Last Updated	Apr 22, 2026

Stay Ahead of the Next One

Get instant alerts for lizardsystems lanspy

Be the first to know when new high vulnerabilities affecting lizardsystems lanspy are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

Lizardsystems / LanSpy

2.0.1.159

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/45968 lizardsystems.com: https://lizardsystems.com vulncheck.com: https://www.vulncheck.com/advisories/lanspy-local-buffer-overflow-via-scan-field

Credits

Gionathan "John" Reale