Advanced IP Scanner and Advanced Port Scanner NTLM Hash Exposure Vulnerability

Vulnerability

A vulnerability allowing unauthorized exposure of confidential information has been identified in Advanced IP Scanner (versions through 2.5.4594.1) and Advanced Port Scanner (versions through 2.5.3869). This vulnerability arises when the applications perform a network scan, unintentionally transmitting the NTLM hash of the user conducting the scan. The exposure can be exploited by intercepting network traffic to a legitimate server or by establishing a fake server, applicable in both local and remote contexts. This vulnerability affects HTTP, HTTPS, and SMB protocols.

Impact

Exploitation of this vulnerability leads to the unauthorized exposure of NTLM hashes, which can be used in NTLM relay attacks or to authenticate as the user in certain scenarios.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

2.5

exploitability

4.7

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

2.5

exploitability

4.7

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Advanced IP Scanner and Advanced Port Scanner NTLM Hash Exposure Vulnerability

Vulnerability

Impact

Affected Products

Famatech Advanced Port Scanner

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating