Description
Nsauditor 3.0.28.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input to the DNS Lookup tool. Attackers can craft a payload with SEH chain overwrite and inject shellcode through the DNS Query field to achieve code execution with application privileges.
Published: 2026-03-26
Score: 8.6 High
EPSS: < 1% Very Low
KEV: No
Impact: Local Code Execution
Action: Immediate Patch
AI Analysis

Impact

Nsauditor 3.0.28.0 includes a structured exception handling buffer overflow in its DNS Lookup tool. By providing a crafted DNS Query that overwrites the SEH chain, a local attacker can inject shellcode and execute arbitrary code with the privileges of the application. This vulnerability is a classic memory corruption flaw categorized as CWE‑787, allowing an attacker to take control of the program flow once the payload is executed.

Affected Systems

The affected product is Nsauditor, specifically the DNS Lookup component of version 3.0.28.0. The flaw is local in nature, meaning attackers must have access to the system running the application to supply malicious input and trigger the buffer overflow.

Risk and Exploitability

With a CVSS score of 8.6, the flaw is considered high severity. The exploit requires local access, yet it can lead to full code execution at application level and potentially beyond. No exploit probability metric is available, and the vulnerability is not listed in CISA’s KEV catalog. Attackers can achieve exploitation by simply running a malicious DNS Query within the tool, making the attack straightforward for those with local privileges.

Generated by OpenCVE AI on March 26, 2026 at 15:06 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check the Nsauditor vendor site for an updated release that addresses the buffer overflow and install the patch immediately.
  • If no update is available, disable or remove the DNS Lookup tool from the system to eliminate the attack surface.
  • Consider restricting user privileges for running the Nsauditor application so that it does not run with higher-than-necessary rights.
  • Monitor system logs for signs of unexpected DNS Lookup activity or attempted SEH chain overflows.
  • Verify that any third‑party customization or scripts interacting with the DNS Lookup tool do not introduce additional risks.

Generated by OpenCVE AI on March 26, 2026 at 15:06 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 27 Mar 2026 08:45:00 +0000

Type Values Removed Values Added
First Time appeared Nsauditor
Nsauditor nsauditor Local Seh Buffer Overflow
Vendors & Products Nsauditor
Nsauditor nsauditor Local Seh Buffer Overflow

Thu, 26 Mar 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 26 Mar 2026 13:45:00 +0000

Type Values Removed Values Added
Description Nsauditor 3.0.28.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input to the DNS Lookup tool. Attackers can craft a payload with SEH chain overwrite and inject shellcode through the DNS Query field to achieve code execution with application privileges.
Title Nsauditor 3.0.28.0 Local SEH Buffer Overflow
Weaknesses CWE-787
References
Metrics cvssV3_1

{'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.6, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Nsauditor Nsauditor Local Seh Buffer Overflow
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-26T14:46:20.591Z

Reserved: 2026-03-26T13:15:11.554Z

Link: CVE-2018-25213

cve-icon Vulnrichment

Updated: 2026-03-26T14:46:13.896Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-26T14:16:04.933

Modified: 2026-03-26T15:13:15.790

Link: CVE-2018-25213

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-27T09:28:17Z

Weaknesses