High severity8.4NVD Advisory· Published Apr 22, 2026· Updated Apr 27, 2026

CVE-2018-25265

Description

LanSpy 2.0.1.159 contains a local buffer overflow vulnerability in the scan section that allows local attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attackers can craft malicious payloads using egghunter techniques to locate and execute shellcode, triggering code execution through SEH chain manipulation and controlled jumps.

Affected products

Lizardsystems/Lanspy
cpe:2.3:a:lizardsystems:lanspy:*:*:*:*:*:*:*:*
Range: <=2.0.1.159

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/46018nvdExploitVDB Entry
www.vulncheck.com/advisories/lanspy-local-buffer-overflownvdThird Party Advisory
lizardsystems.comnvdProduct

News mentions

No linked articles in our index yet.

cvss	0.546
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000