CVE-2025-1868

Name of the Vulnerable Software and Affected Versions Advanced IP Scanner (affected versions not specified) Advanced Port Scanner (affected versions not specified)

Description The issue involves the unauthorized exposure of confidential information when the applications initiate a network scan, sending the NTLM hash of the user performing the scan. This can be exploited by intercepting network traffic to a legitimate server or by setting up a fake server, affecting both local and remote scenarios, and is relevant for both HTTP/HTTPS and SMB protocols.

Recommendations For Advanced IP Scanner, consider restricting the use of the network scan feature until a fix is available. For Advanced Port Scanner, avoid using the network scan functionality until the issue is resolved. As a temporary workaround, consider disabling the network scan feature in both applications to minimize the risk of exploitation.