CVE-2019-25712

BlueAuditor 1.7.2.0 Buffer Overflow Denial of Service via Registration Key

CVSS 6.9 MEDIUMEPSS 0.2%CWE-787

Vexday Risk Score

33Attention

SSVC decision (CISA)

Attend

PoC available → attend closely

CVSS 6.9EPSS 0.2%KEV nãoPoC públicaNuclei —Metasploit —Patch —

Lifecycle

12 Apr 2026Published on NVD

Recommendation: Plan a near-term fix — a public PoC already exists.

BlueAuditor 1.7.2.0 contains a buffer overflow vulnerability in the registration key field that allows local attackers to crash the application by submitting an oversized key value. Attackers can trigger a denial of service by entering a 256-byte buffer of repeated characters in the Key registration field, causing the application to crash during registration processing.

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected products

NSauditor · BlueAuditor

public PoCs found — 1

cve_referencewww.exploit-db.com/exploits/46087unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.exploit-db.com/exploits/46087 https://www.vulncheck.com/advisories/blueauditor-buffer-overflow-denial-of-service-via-registration-key