CVE-2018-25345

10-Strike Network Scanner 3.0 Local Buffer Overflow SEH

CVSS 8.6 HIGHEPSS 0.2%CWE-120

Vexday Risk Score

41Attention

SSVC decision (CISA)

Attend

PoC available → attend closely

CVSS 8.6EPSS 0.2%KEV nãoPoC públicaNuclei —Metasploit —Patch —

Lifecycle

23 May 2026Published on NVD

Recommendation: Plan a near-term fix — a public PoC already exists.

10-Strike Network Scanner 3.0 contains a local buffer overflow vulnerability in the host name field that allows attackers to bypass SafeSEH protections and execute arbitrary code. Attackers can craft a malicious payload in the host name or address field and trigger the vulnerability through the Trace route or System information functions to achieve code execution.

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected products

10-Strike · Network Scanner

public PoCs found — 1

cve_referencewww.exploit-db.com/exploits/44841unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.10-strike.com/https://www.exploit-db.com/exploits/44841 https://www.vulncheck.com/advisories/10-strike-network-scanner-local-buffer-overflow-seh