CVE Record: CVE-2025-1868

alert

Notice: Keyword searching of CVE Records is now available in the search box above. Keywords may include a CVE ID (e.g., CVE-2024-1234), or one or more keywords separated by a space (e.g., authorization, SQL Injection, cross site scripting, etc.). Learn more here.

alert

Notice: Keyword searching of CVE Records is now available in the search box above. Keywords may include a CVE ID (e.g., CVE-2024-1234), or one or more keywords separated by a space (e.g., authorization, SQL Injection, cross site scripting, etc.). Learn more here.

Expand or collapse notification button

Required CVE Record Information

Description

Vulnerability of unauthorized exposure of confidential information affecting Advanced IP Scanner and Advanced Port Scanner. It occurs when these applications initiate a network scan, inadvertently sending the NTLM hash of the user performing the scan. This vulnerability can be exploited by intercepting network traffic to a legitimate server or by setting up a fake server, in both local and remote scenarios. This exposure is relevant for both HTTP/HTTPS and SMB protocols.

CWE 1 Total

CWE-200: CWE-200

CVSS 1 Total

Product Status

Versions 1 Total

Default Status: unaffected

unaffected

Versions 1 Total

Default Status: unaffected

unaffected

Credits

Francisco Javier Medina Munuera finder
Pedro Gabaldón Juliá finder
Alejandro Baño Andrés finder
Antonio José Gálvez Sánchez finder

References 1 Total

https://www.incibe.es/en/incibe-cert/notices/aviso/information-display-multiple-products-famatech-corp
external site

Authorized Data Publishers