LanSpy 2.0.1.159 Vulnerability: Local Buffer Overflow Leads to Code Execution

The National Vulnerability Database (NVD) highlights CVE-2018-25268, a local buffer overflow vulnerability in LanSpy 2.0.1.159. This critical flaw allows an attacker to overwrite the instruction pointer by feeding an oversized input into the application’s scan field. The NVD details that a crafted payload, specifically 688 bytes of padding followed by 4 bytes of controlled data, can either crash the application or, more critically, achieve arbitrary code execution.

Rated with a CVSS v3.1 score of 8.4 (HIGH), this vulnerability carries significant risk. While it requires local access (AV:L), the low attack complexity (AC:L) and lack of required privileges (PR:N) make it a potent threat once an attacker has a foothold. The impact is severe across confidentiality, integrity, and availability (C:H, I:H, A:H), aligning with CWE-787, which pertains to out-of-bounds writes.

For defenders, this means any system running LanSpy 2.0.1.159 is exposed. While the affected products list isn’t specified beyond the version, the implications are clear: local code execution is a game-over scenario for that endpoint. It’s a reminder that even older, seemingly innocuous network tools can harbor critical flaws waiting to be exploited by a persistent adversary.