top of page
perceptive_background_267k.jpg

LanSpy 2.0.1.159 contains a local buffer overflow vulnerability in the scan section that allows local attackers to execute arbitrary code by exploiting structur…

Published:

21 April 2026 at 22:00:00

Alert date:

22 April 2026 at 22:11:22

Source:

nvd.nist.gov

Click to open the original link from this advisory

Network Infrastructure, Security Tools

CVE-2018-25265 affects LanSpy version 2.0.1.159, a network scanning tool. The vulnerability is a local buffer overflow in the scan section that allows attackers to execute arbitrary code. Exploitation involves structured exception handling (SEH) mechanisms and egghunter techniques to locate and execute shellcode. Attackers can manipulate the SEH chain and perform controlled jumps to achieve code execution. This requires local access to the system running the vulnerable LanSpy application.

Technical details

Mitigation steps:

Affected products:

LanSpy

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2018-25265
https://lizardsystems.com
https://www.exploit-db.com/exploits/46018
https://www.vulncheck.com/advisories/lanspy-local-buffer-overflow

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page