CVE-2020-37130

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Nsauditor version 3.2.0.0

Description The software contains a denial of service condition in the registration name input field. An attacker can cause the application to crash by providing a malicious payload of 1000 bytes of repeated characters in the registration name field. The application crashes when this payload is pasted into the registration name field.

Recommendations Apply a fix to the registration name input field to prevent application crashes caused by malicious payloads.

Exploit

Fix

DoS

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2020-37130

Affected Products

Nsauditor

CVE-2020-37130

Weakness Enumeration

Related Identifiers

Affected Products

References · 7