anonhaven
Ad

CVE-2019-25712

MEDIUM CVSS 4.0: 6.9 EPSS 0.01%
Updated Apr 17, 2026
Nsasoft
Parameter Value
CVSS 6.9 (MEDIUM)
Type CWE-787 (Out-of-bounds Write)
Vendor Nsasoft
Public PoC Yes

BlueAuditor 1.7.2.0 contains a buffer overflow vulnerability in the registration key field that allows local attackers to crash the application by submitting an oversized key value. Attackers can trigger a denial of service by entering a 256-byte buffer of repeated characters in the Key registration field, causing the application to crash during registration processing.

Attack Parameters

Attack Vector
Local
Requires local access
Attack Complexity
Low
Easy to exploit
Attack Requirements
None
No additional conditions
Privileges Required
None
No privileges needed
User Interaction
None
No user interaction needed

Impact Assessment

Confidentiality
None
No data leak
Integrity
None
No data modification
Availability
High
Complete denial of service

CVSS Vector v4.0

Weakness Type (CWE)

CWE-787 Out-of-bounds Write

Vulnerable Products 1

Configuration From (including) Up to (excluding)
Nsasoft Blueauditor
cpe:2.3:a:nsasoft:blueauditor:1.7.2.0:*:*:*:*:*:*:*

References 2

https://www.exploit-db.com/exploits/46087
disclosure@vulncheck.com
https://www.vulncheck.com/advisories/blueauditor-buffer-overflow-denial-of-serv…
disclosure@vulncheck.com
Share Post Share Share Share

Related Vulnerabilities

CVE-2019-25711

Payload

6.9

CVE-2018-25213

Payload

8.6

CVE-2019-25597

Payload

6.9

CVE-2019-25596

Nsasoft

6.9

CVE-2019-25559

Nsasoft

6.8