CVE-2019-25336

HIGH

SpotAuditor 5.3.2 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2019-25336. PoCs published by Kirill Nikolaev, ZwX.

AI-analyzed exploit summary This exploit leverages a local buffer overflow (SEH) in SpotAuditor 5.3.2 via a crafted Base64 input to execute arbitrary shellcode. The PoC includes a reverse shell payload and targets a specific DLL (sqlite3.dll) without ASLR or SafeSEH protections.

Description

SpotAuditor 5.3.2 contains a local buffer overflow vulnerability in the Base64 Encrypted Password tool that allows attackers to execute arbitrary code by crafting a malicious payload. Attackers can generate a specially crafted Base64 encoded payload to trigger a Structured Exception Handler (SEH) overwrite and execute shellcode on the vulnerable system.

Exploits (2)

exploitdb WORKING POC
by Kirill Nikolaev · pythonlocalwindows
https://www.exploit-db.com/exploits/47759

This exploit leverages a local buffer overflow (SEH) in SpotAuditor 5.3.2 via a crafted Base64 input to execute arbitrary shellcode. The PoC includes a reverse shell payload and targets a specific DLL (sqlite3.dll) without ASLR or SafeSEH protections.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: SpotAuditor 5.3.2
No auth needed
Prerequisites: SpotAuditor 5.3.2 installed on Windows 7 SP1 x86 · Ability to run the exploit locally on the target system
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC
by ZwX · pythondoswindows
https://www.exploit-db.com/exploits/47719

This PoC exploits a denial-of-service vulnerability in SpotAuditor 5.3.2 by crafting a malformed Base64 input with a large buffer of 'A' characters. The exploit triggers a crash when the input is processed by the 'Base64 Encrypted Password' decryption feature.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: SpotAuditor 5.3.2
No auth needed
Prerequisites: SpotAuditor 5.3.2 installed on Windows 7 · Access to the 'Base64 Encrypted Password' feature
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/47759
Various Sources product
http://www.nsauditor.com/
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/47719

Scores

CVSS v3 8.4
EPSS 0.0021
EPSS Percentile 11.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-121
Status published
Products (1)
nsasoft/spotauditor 5.3.2
Published Feb 12, 2026
Tracked Since Feb 18, 2026