CVE-2018-25230

Free IP Switcher 3.1 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Computer Name field. Attackers can paste a malicious payload into the Computer Name input field and click Activate to trigger a denial of service condition that crashes the application.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
http://www.eusing.com/index.html	Product
http://www.eusing.com/ipscan/free_ip_scanner.htm	Product
https://www.exploit-db.com/exploits/46382	Exploit VDB Entry
https://www.vulncheck.com/advisories/free-ip-switcher-denial-of-service-via-computer-name	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:eusing:free_ip_switcher:*:*:*:*:*:*:*:*

History

08 Apr 2026, 17:31

Type	Values Removed	Values Added
Summary		(es) Free IP Switcher 3.1 contiene una vulnerabilidad de desbordamiento de búfer que permite a atacantes locales bloquear la aplicación al proporcionar una cadena excesivamente larga en el campo Computer Name. Los atacantes pueden pegar una carga útil maliciosa en el campo de entrada Computer Name y hacer clic en Activate para desencadenar una condición de denegación de servicio que bloquea la aplicación.
First Time		Eusing free Ip Switcher Eusing
CPE		cpe:2.3:a:eusing:free_ip_switcher::::::::
References	~~() http://www.eusing.com/index.html -~~	() http://www.eusing.com/index.html - Product
References	~~() http://www.eusing.com/ipscan/free_ip_scanner.htm -~~	() http://www.eusing.com/ipscan/free_ip_scanner.htm - Product
References	~~() https://www.exploit-db.com/exploits/46382 -~~	() https://www.exploit-db.com/exploits/46382 - Exploit, VDB Entry
References	~~() https://www.vulncheck.com/advisories/free-ip-switcher-denial-of-service-via-computer-name -~~	() https://www.vulncheck.com/advisories/free-ip-switcher-denial-of-service-via-computer-name - Third Party Advisory

30 Mar 2026, 12:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-30 12:16

Updated : 2026-04-08 17:31

NVD link : CVE-2018-25230

Mitre link : CVE-2018-25230

CVE.ORG link : CVE-2018-25230

JSON object : View

Products Affected

eusing

free_ip_switcher

CWE

CWE-787

Out-of-bounds Write

5.5 /10