Nsauditor 3.2.0.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can …

CVE-2020-37130 affects Nsauditor version 3.2.0.0, a network security auditing tool. The vulnerability exists in the registration name input field where attackers can trigger a denial of service condition. By creating a malicious payload consisting of 1000 bytes of repeated characters and pasting it into the registration name field, attackers can cause the application to crash. This is a simple buffer overflow or input validation issue that leads to application instability. The vulnerability has been documented with proof-of-concept exploits available on Exploit-DB.