CVE-2019-25637 | THREATINT

Description

X-NetStat Pro 5.63 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the EIP register through a 264-byte buffer overflow. Attackers can inject shellcode into memory and use an egg hunter technique to locate and execute the payload when the application processes malicious input through HTTP Client or Rules functionality.

PUBLISHED Reserved 2026-03-24 | Published 2026-03-24 | Updated 2026-03-24 | Assigner VulnCheck

HIGH: 8.6CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

HIGH: 8.4CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Problem types

Out-of-bounds Write

Product status

5.63 #

affected

Credits

Peyman Forouzan # finder

References

www.exploit-db.com/exploits/46596 (ExploitDB-46596) exploit

freshsoftware.com (Official Product Homepage) product

www.vulncheck.com/...pro-local-buffer-overflow-via-egghunter (VulnCheck Advisory: X-NetStat Pro 5.63 Local Buffer Overflow via EggHunter) third-party-advisory

cve.org (CVE-2019-25637)

nvd.nist.gov (CVE-2019-25637)

Download JSON