CVE-2020-37138

Name of the Vulnerable Software and Affected Versions 10-Strike Network Inventory Explorer version 9.03

Description The software contains a buffer overflow issue in the file import functionality that enables remote attackers to run code without authorization. An attacker can create a specially crafted text file with a malicious payload to trigger a stack-based buffer overflow and bypass data execution prevention using a ROP chain.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.