{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2018-25230", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-03-30T10:55:56.362Z", "datePublished": "2026-03-30T11:02:22.499Z", "dateUpdated": "2026-03-30T14:04:07.751Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-30T11:02:22.499Z"}, "datePublic": "2018-02-14T00:00:00.000Z", "title": "Free IP Switcher 3.1 Denial of Service via Computer Name", "descriptions": [{"lang": "en", "value": "Free IP Switcher 3.1 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Computer Name field. Attackers can paste a malicious payload into the Computer Name input field and click Activate to trigger a denial of service condition that crashes the application."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Out-of-bounds Write", "cweId": "CWE-787", "type": "CWE"}]}], "affected": [{"vendor": "Eusing", "product": "Free IP Switcher", "versions": [{"version": "3.1", "status": "affected"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.exploit-db.com/exploits/46382", "name": "ExploitDB-46382", "tags": ["exploit"]}, {"url": "http://www.eusing.com/index.html", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "http://www.eusing.com/ipscan/free_ip_scanner.htm", "name": "Product Reference", "tags": ["product"]}, {"name": "VulnCheck Advisory: Free IP Switcher 3.1 Denial of Service via Computer Name", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/free-ip-switcher-denial-of-service-via-computer-name"}], "credits": [{"lang": "en", "value": "Victor Mondrag\u00f3n", "type": "finder"}], "x_generator": {"engine": "vulncheck"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-30T14:02:29.387326Z", "id": "CVE-2018-25230", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-30T14:04:07.751Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2018-25230", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-30T14:02:29.387326Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-30T14:03:48.343Z"}}], "cna": {"title": "Free IP Switcher 3.1 Denial of Service via Computer Name", "credits": [{"lang": "en", "type": "finder", "value": "Victor Mondrag\u00f3n"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.8, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Eusing", "product": "Free IP Switcher", "versions": [{"status": "affected", "version": "3.1"}]}], "datePublic": "2018-02-14T00:00:00.000Z", "references": [{"url": "https://www.exploit-db.com/exploits/46382", "name": "ExploitDB-46382", "tags": ["exploit"]}, {"url": "http://www.eusing.com/index.html", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "http://www.eusing.com/ipscan/free_ip_scanner.htm", "name": "Product Reference", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/free-ip-switcher-denial-of-service-via-computer-name", "name": "VulnCheck Advisory: Free IP Switcher 3.1 Denial of Service via Computer Name", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "Free IP Switcher 3.1 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Computer Name field. Attackers can paste a malicious payload into the Computer Name input field and click Activate to trigger a denial of service condition that crashes the application."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-30T11:02:22.499Z"}}}, "cveMetadata": {"cveId": "CVE-2018-25230", "state": "PUBLISHED", "dateUpdated": "2026-03-30T14:04:07.751Z", "dateReserved": "2026-03-30T10:55:56.362Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-03-30T11:02:22.499Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:eusing:free_ip_switcher:*:*:*:*:*:*:*:*", "matchCriteriaId": "1EA53A3B-2C52-4D01-A611-3328415116AC", "versionEndIncluding": "3.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Free IP Switcher 3.1 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Computer Name field. Attackers can paste a malicious payload into the Computer Name input field and click Activate to trigger a denial of service condition that crashes the application."}, {"lang": "es", "value": "Free IP Switcher 3.1 contiene una vulnerabilidad de desbordamiento de b\u00fafer que permite a atacantes locales bloquear la aplicaci\u00f3n al proporcionar una cadena excesivamente larga en el campo Computer Name. Los atacantes pueden pegar una carga \u00fatil maliciosa en el campo de entrada Computer Name y hacer clic en Activate para desencadenar una condici\u00f3n de denegaci\u00f3n de servicio que bloquea la aplicaci\u00f3n."}], "id": "CVE-2018-25230", "lastModified": "2026-04-08T17:31:14.157", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-03-30T12:16:16.637", "references": [{"source": "disclosure@vulncheck.com", "tags": ["Product"], "url": "http://www.eusing.com/index.html"}, {"source": "disclosure@vulncheck.com", "tags": ["Product"], "url": "http://www.eusing.com/ipscan/free_ip_scanner.htm"}, {"source": "disclosure@vulncheck.com", "tags": ["Exploit", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/46382"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://www.vulncheck.com/advisories/free-ip-switcher-denial-of-service-via-computer-name"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.1"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Free IP Switcher", "source": "cna", "vendor": "Eusing"}, "product": "free_ip_switcher", "vendor": "eusing"}], "analysis": {"en": {"generated_at": "2026-04-08T18:37:44.236257+00:00", "value": {"mitigation_remediation": ["Check the vendor's website for security updates or patches for Free IP Switcher 3.1", "Apply the latest patch or upgrade to a secure version if available", "If a patch is unavailable, prevent the application from running on non\u2011essential systems or restrict local access to trusted users"], "summary": {"action": "Patch", "impact": "Denial of Service (Crash)"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the Free IP Switcher 3.1 application distributed by Eusing. No broader product or version range is specified beyond this release.", "description_and_impact": "A local buffer overflow allows an attacker to crash Free IP Switcher 3.1 by supplying an excessively long string in the Computer Name field. When the user clicks Activate, the application terminates unexpectedly, resulting in a denial of service. The issue is classified as a memory corruption weakness (CWE-787).", "risk_and_exploitability": "The CVSS score is 6.8, indicating a moderate severity. The EPSS probability is less than 1%, suggesting that exploitation is unlikely but still possible. The vulnerability is not listed in the CISA KEV catalog. Attackers must be able to interact locally with the affected workstation, for example by running the program or manipulating its input fields. No network exposure is required, so the attack vector is local."}}}}, "created": "2026-03-30T20:55:54.247399+00:00", "updated": "2026-04-08T20:00:44.892752+00:00", "vendors": ["eusing", "eusing$PRODUCT$free_ip_switcher"]}