Description
LabF nfsAxe 3.7 Ping Client contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload in the Host IP field. Attackers can craft a specially formatted input file with shellcode and overwrite the return address to execute calc.exe or other arbitrary commands.
Published: 2026-06-04
Score: 8.6 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

LabF nfsAxe 3.7 Ping Client contains a buffer overflow in the Host IP field that allows a local user to supply a malicious payload and overwrite the return address, leading to arbitrary code execution. The flaw is a classic stack‑based buffer overflow, classified as CWE‑120, and can be exploited to run commands such as calc.exe or any shellcode injected by the attacker.

Affected Systems

The vulnerability affects the LabF nfsAxe product, specifically version 3.7, as supplied by the vendor LabF. No other versions or variants are listed as affected, so only installations of LabF nfsAxe 3.7 are at risk.

Risk and Exploitability

The vulnerability carries a CVSS score of 8.6, indicating high severity. There is no EPSS score available, but the flaw is local, requiring an attacker to have access to the machine running the client. Because the attack vector is local and the exploit directly overwrites the return address, it can be leveraged to execute arbitrary code with the privileges of the nfsAxe process. The flaw is not listed in CISA KEV, but its impact is significant for any organization that deploys LabF nfsAxe 3.7 and allows local users to use the ping client.

Generated by OpenCVE AI on June 4, 2026 at 14:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade LabF nfsAxe to the latest patched release that fixes the buffer overflow.
  • Restrict execution privileges of the nfsAxe client so that only trusted users can run it and supply the Host IP field.
  • Implement input validation or enforce a maximum length on the Host IP field to reject malformed payloads.
  • Consider monitoring the client binary with file integrity checking to detect unauthorized changes that might reintroduce the flaw.

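One way to apply the length and format check recommended above before a host value reaches a fixed-size buffer, as an added example (not LabF code and not part of this record). The 64-byte destination size and the function names are assumptions.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

#define HOST_BUF_SIZE 64  /* assumed destination size; not taken from nfsAxe */

/* Returns 1 if s is a dotted-quad IPv4 address (four decimal octets, 0-255). */
static int is_ipv4(const char *s)
{
    int octets = 0;
    while (*s) {
        int value = 0, digits = 0;
        while (isdigit((unsigned char)*s)) {
            value = value * 10 + (*s++ - '0');
            if (++digits > 3 || value > 255) return 0;
        }
        if (digits == 0) return 0;            /* empty octet, e.g. "1..2" */
        octets++;
        if (*s == '.') { if (s[1] == '\0') return 0; s++; }
        else if (*s != '\0') return 0;
    }
    return octets == 4;
}

/* Returns 1 if s holds only hostname characters: letters, digits, '-', '.'. */
static int is_hostname(const char *s)
{
    if (*s == '\0' || *s == '-' || *s == '.') return 0;
    for (; *s; s++)
        if (!isalnum((unsigned char)*s) && *s != '-' && *s != '.') return 0;
    return 1;
}

/* Copies in_len bytes of input into dst only if they fit and are well formed.
 * Returns 0 on success, -1 on rejection; dst is always NUL-terminated. */
int set_host_field(char dst[HOST_BUF_SIZE], const char *input, size_t in_len)
{
    char tmp[HOST_BUF_SIZE];
    dst[0] = '\0';
    if (input == NULL || in_len == 0 || in_len >= HOST_BUF_SIZE) return -1;
    if (memchr(input, '\0', in_len) != NULL) return -1;    /* embedded NUL */
    memcpy(tmp, input, in_len);               /* in_len < HOST_BUF_SIZE here */
    tmp[in_len] = '\0';
    /* Digits-and-dots input must be a real IPv4 address, anything else a hostname. */
    int numeric = strspn(tmp, "0123456789.") == in_len;
    if (numeric ? !is_ipv4(tmp) : !is_hostname(tmp)) return -1;
    memcpy(dst, tmp, in_len + 1);
    return 0;
}
```

The length test runs before any copy, so oversized input is rejected rather than truncated, and the rejection can be logged.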


Advisories

No advisories yet.

History

Thu, 04 Jun 2026 15:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 04 Jun 2026 13:30:00 +0000

Type | Values Removed | Values Added
Description | | LabF nfsAxe 3.7 Ping Client contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload in the Host IP field. Attackers can craft a specially formatted input file with shellcode and overwrite the return address to execute calc.exe or other arbitrary commands.
Title | | LabF nfsAxe 3.7 Ping Client Buffer Overflow
First Time appeared | | Labf; Labf nfsaxe
Weaknesses | | CWE-120
CPEs | | cpe:2.3:a:labf:nfsaxe:3.7:*:*:*:*:*:*:*
Vendors & Products | | Labf; Labf nfsaxe
References | |
Metrics | | cvssV3_1: {'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}; cvssV4_0: {'score': 8.6, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-04T15:06:26.073Z

Reserved: 2026-06-04T11:01:05.892Z

Link: CVE-2019-25736

Vulnrichment

Updated: 2026-06-04T15:01:26.863Z

NVD

Status: Deferred

Published: 2026-06-04T14:16:31.817

Modified: 2026-06-04T15:00:40.757

Link: CVE-2019-25736

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-04T15:15:16Z

Weaknesses
  • CWE-120

    Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')