Vulnerabilities ›

CVE-2018-25266

Medium

CWE-787 — Weakness Type

                    Published: Apr 22, 2026                      ·  Modified: Apr 25, 2026                      ·  Source: NVD                

CVSS v3

6.2

🔗 NVD Official

📄 Description (English)

Angry IP Scanner 3.5.3 contains a buffer overflow vulnerability in the preferences dialog that allows local attackers to crash the application by supplying an excessively large string. Attackers can generate a file containing a massive buffer of repeated characters and paste it into the unavailable value field in the display preferences to trigger a denial of service.

🤖 AI Executive Summary

Angry IP Scanner 3.5.3 contains a buffer overflow vulnerability in the preferences dialog that can be exploited by local attackers to cause denial of service. The vulnerability requires user interaction (pasting a malicious string into the display preferences field) and affects the application's stability. While no public exploit is available and the CVSS score is moderate (6.2), organizations using this tool for network scanning should be aware of this local attack vector.

📄 Description (Arabic)

🤖 AI Intelligence Analysis Analyzed: May 22, 2026 05:32

🇸🇦 Saudi Arabia Impact Assessment

Saudi organizations using Angry IP Scanner for network administration and IT operations (particularly in banking, government, and telecom sectors) could experience service disruptions if local users with access to the application exploit this vulnerability. The impact is limited to local denial of service and does not enable remote code execution or data exfiltration. Government agencies (NCA, CITC) and financial institutions (SAMA-regulated banks) that rely on this tool for network diagnostics should assess their usage patterns and user access controls.

🏢 Affected Saudi Sectors

Government (NCA, CITC) Banking and Financial Services (SAMA-regulated) Telecommunications (STC, Mobily) Energy (ARAMCO) Healthcare IT Operations and Administration

🎯 MITRE ATT&CK Techniques

T1499 - Endpoint Denial of Service T1499.004 - Application Exhaustion Flood T1203 - Exploitation for Client Execution

⚖️ Saudi Risk Score (AI)

4.2

/ 10.0

🔧 Remediation Steps (English)

1. IMMEDIATE ACTIONS:

   - Restrict local access to Angry IP Scanner to trusted administrators only

   - Implement principle of least privilege for application usage

   - Monitor for unexpected application crashes or instability



2. PATCHING GUIDANCE:

   - No official patch is available for version 3.5.3

   - Consider upgrading to the latest available version of Angry IP Scanner if available

   - Evaluate alternative network scanning tools if updates are not forthcoming



3. COMPENSATING CONTROLS:

   - Disable or restrict access to the preferences dialog for non-administrative users

   - Use application whitelisting to control which users can execute Angry IP Scanner

   - Implement file integrity monitoring on configuration files

   - Restrict clipboard access for sensitive applications if possible



4. DETECTION RULES:

   - Monitor for repeated application crashes of Angry IP Scanner process

   - Alert on unusual clipboard operations followed by application termination

   - Track access to Angry IP Scanner preferences configuration files

   - Log failed application initialization events

🔧 خطوات المعالجة (العربية)

1. الإجراءات الفورية:

   - تقييد الوصول المحلي إلى Angry IP Scanner للمسؤولين الموثوقين فقط

   - تطبيق مبدأ الحد الأدنى من الامتيازات لاستخدام التطبيق

   - مراقبة أعطال التطبيق غير المتوقعة أو عدم الاستقرار



2. إرشادات التصحيح:

   - لا يوجد تصحيح رسمي متاح للإصدار 3.5.3

   - فكر في الترقية إلى أحدث إصدار متاح من Angry IP Scanner إن أمكن

   - قيّم أدوات المسح البديلة إذا لم تكن التحديثات متاحة



3. الضوابط البديلة:

   - تعطيل أو تقييد الوصول إلى نافذة التفضيلات للمستخدمين غير الإداريين

   - استخدام القائمة البيضاء للتطبيقات للتحكم في المستخدمين الذين يمكنهم تنفيذ Angry IP Scanner

   - تطبيق مراقبة سلامة الملفات على ملفات التكوين

   - تقييد الوصول إلى الحافظة للتطبيقات الحساسة إن أمكن



4. قواعد الكشف:

   - مراقبة أعطال التطبيق المتكررة لعملية Angry IP Scanner

   - تنبيه العمليات غير العادية للحافظة متبوعة بإنهاء التطبيق

   - تتبع الوصول إلى ملفات تكوين تفضيلات Angry IP Scanner

   - تسجيل أحداث فشل تهيئة التطبيق

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

A.5.1.1 - Information security policies and procedures A.6.1.1 - Access control policy A.6.2.1 - User registration and access rights management A.12.2.1 - Change management procedures

🔵 SAMA CSF

ID.AM-2 - Software inventory PR.AC-1 - Access control policy PR.AC-4 - Access rights management DE.CM-1 - System monitoring

🟡 ISO 27001:2022

A.5.1 - Management direction for information security A.6.1 - Internal organization A.6.2 - Mobile device and teleworking A.8.1 - User endpoint devices A.12.2 - Change management

🔗 References & Sources 3

🔗

https://angryip.org

disclosure@vulncheck.com

🔗

https://www.exploit-db.com/exploits/45993

disclosure@vulncheck.com

🔗

https://www.vulncheck.com/advisories/angry-ip-scanner-denial-of-service-via-preferences...

disclosure@vulncheck.com

📊 CVSS Score

6.2

/ 10.0 — Medium

📊 CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack VectorL — Low / Local

Attack ComplexityL — Low / Local

Privileges RequiredN — None / Network

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityN — None / Network

IntegrityN — None / Network

AvailabilityH — High

📋 Quick Facts

Severity Medium

CVSS Score6.2

CWECWE-787

EPSS0.01%

Exploit No

Patch ✗ No

Published 2026-04-22

Source Feed nvd

🇸🇦 Saudi Risk Score

4.2

/ 10.0 — Saudi Risk

Priority: MEDIUM

🏷️ Tags

CWE-787

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

CVE-2018-25266

Introduce Yourself

Sign In Required