diff --git a/renderdoc/os/posix/posix_network.cpp b/renderdoc/os/posix/posix_network.cpp
index ee91238cf..d52b272a9 100644
--- a/renderdoc/os/posix/posix_network.cpp
+++ b/renderdoc/os/posix/posix_network.cpp
@@ -344,6 +344,13 @@ bool ParseIPRangeCIDR(const char *str, uint32_t &ip, uint32_t &mask)
 
   int ret = sscanf(str, "%u.%u.%u.%u/%u", &a, &b, &c, &d, &num);
 
+  if(ret != 5 || a > 255 || b > 255 || c > 255 || d > 255 || num > 32)
+  {
+    ip = 0;
+    mask = 0;
+    return false;
+  }
+
   ip = MakeIP(a, b, c, d);
 
   if(num == 0)
@@ -356,6 +363,6 @@ bool ParseIPRangeCIDR(const char *str, uint32_t &ip, uint32_t &mask)
     mask = ((~0U) >> num) << num;
   }
 
-  return ret == 5;
+  return true;
 }
 };
diff --git a/renderdoc/os/win32/win32_network.cpp b/renderdoc/os/win32/win32_network.cpp
index 39586260b..4727ec02f 100644
--- a/renderdoc/os/win32/win32_network.cpp
+++ b/renderdoc/os/win32/win32_network.cpp
@@ -358,6 +358,13 @@ bool ParseIPRangeCIDR(const char *str, uint32_t &ip, uint32_t &mask)
 
   int ret = sscanf_s(str, "%u.%u.%u.%u/%u", &a, &b, &c, &d, &num);
 
+  if(ret != 5 || a > 255 || b > 255 || c > 255 || d > 255 || num > 32)
+  {
+    ip = 0;
+    mask = 0;
+    return false;
+  }
+
   ip = MakeIP(a, b, c, d);
 
   if(num == 0)
@@ -370,6 +377,6 @@ bool ParseIPRangeCIDR(const char *str, uint32_t &ip, uint32_t &mask)
     mask = ((~0U) >> num) << num;
   }
 
-  return ret == 5;
+  return true;
 }
 };