← back
CVE-2019-25712

BlueAuditor 1.7.2.0 Buffer Overflow Denial of Service via Registration Key

CVSS 6.9 MEDIUMEPSS 0.2%CWE-787
BlueAuditor 1.7.2.0 contains a buffer overflow vulnerability in the registration key field that allows local attackers to crash the application by submitting an oversized key value. Attackers can trigger a denial of service by entering a 256-byte buffer of repeated characters in the Key registration field, causing the application to crash during registration processing.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected products
NSauditor · BlueAuditor
public PoCs found1
cve_referencewww.exploit-db.com/exploits/46087unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.exploit-db.com/exploits/46087https://www.vulncheck.com/advisories/blueauditor-buffer-overflow-denial-of-service-via-registration-key