Description
X-NetStat Pro 5.63 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the EIP register through a 264-byte buffer overflow. Attackers can inject shellcode into memory and use an egg hunter technique to locate and execute the payload when the application processes malicious input through HTTP Client or Rules functionality.
Published: 2026-03-24
Score: 8.6 High
EPSS: < 1% Very Low
KEV: No
Impact: Local Arbitrary Code Execution
Action: Immediate Patch
AI Analysis

Impact

X‑NetStat Pro 5.63 implements a 264‑byte buffer that can be overflowed, allowing a local attacker to overwrite the EIP register. By injecting shellcode into memory and using an egg hunter strategy, the attacker can cause the application to execute arbitrary instructions, leading to a complete compromise of the affected system. This vulnerability can be leveraged to read, modify or delete data, gain escalated privileges, or disrupt the service by terminating it. The weakness is classified as a classic buffer overflow (CWE‑787).

Affected Systems

The product affected is Freshsoftware NetStat Pro version 5.63. No other versions are mentioned as vulnerable, and no additional vendor or product information is provided beyond the cited CNA entry.

Risk and Exploitability

With a CVSS score of 8.6 the flaw is in the high severity range. The absence of an EPSS score and lack of inclusion in the CISA KEV catalog reduce certainty about current exploit activity, but an exploit is available in the public domain (Exploit‑DB ID 46596). The attack requires local access or the ability to deliver malicious input to the application’s HTTP Client or Rules processing components, making it exploitable by users with sufficient privileges or an attacker who can perform social engineering to gain a local shell. Given its high severity and the availability of a known exploit, a timely fix is warranted.

Generated by OpenCVE AI on March 24, 2026 at 12:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade NetStat Pro to the latest patched release that addresses the buffer‐overflow vulnerability.
  • If an update is unavailable, disable the vulnerable HTTP Client and Rules features to prevent the flaw from being exercised.
  • Monitor system logs for signs of shellcode execution or repeated attempts to trigger the overflow condition, and investigate any anomalous activity immediately.

Generated by OpenCVE AI on March 24, 2026 at 12:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 25 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Freshsoftware
Freshsoftware netstat Pro
Vendors & Products Freshsoftware
Freshsoftware netstat Pro

Tue, 24 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 24 Mar 2026 11:45:00 +0000

Type Values Removed Values Added
Description X-NetStat Pro 5.63 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the EIP register through a 264-byte buffer overflow. Attackers can inject shellcode into memory and use an egg hunter technique to locate and execute the payload when the application processes malicious input through HTTP Client or Rules functionality.
Title X-NetStat Pro 5.63 Local Buffer Overflow via EggHunter
Weaknesses CWE-787
References
Metrics cvssV3_1

{'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.6, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Freshsoftware Netstat Pro
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-24T13:25:04.009Z

Reserved: 2026-03-24T11:03:20.486Z

Link: CVE-2019-25637

cve-icon Vulnrichment

Updated: 2026-03-24T13:24:59.521Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-24T12:16:04.593

Modified: 2026-03-24T15:53:48.067

Link: CVE-2019-25637

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-25T20:39:34Z

Weaknesses