Description
Nsauditor 3.0.28.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input to the DNS Lookup tool. Attackers can craft a payload with SEH chain overwrite and inject shellcode through the DNS Query field to achieve code execution with application privileges.
Published: 2026-03-26
Score: 8.6 High
EPSS: < 1% Very Low
KEV: No
Impact: Local Arbitrary Code Execution
Action: Patch Immediately
AI Analysis

Impact

Nsauditor 3.0.28.0 contains a structured exception handling buffer overflow in its DNS Lookup tool. By supplying a carefully crafted DNS Query that overwrites the SEH chain, a local user can inject shellcode and execute arbitrary code with the application's privileges. This flaw is a classic out‑of‑bounds memory write (CWE‑787) and provides direct code execution to any user who can run the vulnerable program.

Affected Systems

The vulnerability affects the Nsauditor software version 3.0.28.0 from the vendor Nsauditor. No other versions or products are listed as impacted in the available data.

Risk and Exploitability

The CVSS score of 8.6 indicates high severity, but the EPSS score of less than 1 % suggests a low probability of widespread exploitation. The vulnerability is not catalogued in the CISA KEV list. Attackers are limited to individuals with local access who can launch the DNS Lookup tool or a malicious query, as there is no remote trigger documented. Exploit code is available in public exploit databases, confirming the feasibility of local exploitation even if it remains uncommon.

Generated by OpenCVE AI on March 27, 2026 at 19:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install an updated Nsauditor version that fixes the SEH buffer overflow if one is available. If no patch exists, contact the vendor for a remedy. Until a fix is applied, disable or remove the DNS Lookup tool executable from shared machines to prevent accidental exploitation. Monitor local user activity for abnormal execution of the vulnerable program.

Generated by OpenCVE AI on March 27, 2026 at 19:25 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 27 Mar 2026 18:30:00 +0000

Type Values Removed Values Added
First Time appeared Nsasoft
Nsasoft nsauditor
CPEs cpe:2.3:a:nsasoft:nsauditor:3.0.28:*:*:*:*:*:*:*
Vendors & Products Nsasoft
Nsasoft nsauditor

Fri, 27 Mar 2026 08:45:00 +0000

Type Values Removed Values Added
First Time appeared Nsauditor
Nsauditor nsauditor Local Seh Buffer Overflow
Vendors & Products Nsauditor
Nsauditor nsauditor Local Seh Buffer Overflow

Thu, 26 Mar 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 26 Mar 2026 13:45:00 +0000

Type Values Removed Values Added
Description Nsauditor 3.0.28.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input to the DNS Lookup tool. Attackers can craft a payload with SEH chain overwrite and inject shellcode through the DNS Query field to achieve code execution with application privileges.
Title Nsauditor 3.0.28.0 Local SEH Buffer Overflow
Weaknesses CWE-787
References
Metrics cvssV3_1

{'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.6, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Nsasoft Nsauditor
Nsauditor Nsauditor Local Seh Buffer Overflow
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-26T14:46:20.591Z

Reserved: 2026-03-26T13:15:11.554Z

Link: CVE-2018-25213

cve-icon Vulnrichment

Updated: 2026-03-26T14:46:13.896Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-26T14:16:04.933

Modified: 2026-03-27T18:24:09.897

Link: CVE-2018-25213

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-27T20:26:12Z

Weaknesses