CVE-2019-25637

HIGH

X-NetStat Pro 5.63 Local Buffer Overflow via EggHunter

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-25637. PoCs published by Peyman Forouzan.

AI-analyzed exploit summary This exploit demonstrates a local buffer overflow in X-NetStat Pro 5.63 using an EggHunter technique to achieve remote code execution (RCE) by launching calc.exe. It includes shellcode and egghunter payloads tailored for different Windows versions (XP, Win7, Win10).

Description

X-NetStat Pro 5.63 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the EIP register through a 264-byte buffer overflow. Attackers can inject shellcode into memory and use an egg hunter technique to locate and execute the payload when the application processes malicious input through HTTP Client or Rules functionality.

Exploits (1)

exploitdb WORKING POC

by Peyman Forouzan · pythonlocalwindows

https://www.exploit-db.com/exploits/46596

View Code ZIP pw:eip

This exploit demonstrates a local buffer overflow in X-NetStat Pro 5.63 using an EggHunter technique to achieve remote code execution (RCE) by launching calc.exe. It includes shellcode and egghunter payloads tailored for different Windows versions (XP, Win7, Win10).

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: X-NetStat Pro 5.63

No auth needed

Prerequisites: X-NetStat Pro 5.63 installed · Local access to the target system

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Mar 24, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit exploit

ExploitDB-46596

https://www.exploit-db.com/exploits/46596

Product product

Official Product Homepage

https://freshsoftware.com

Third Party Advisory third-party-advisory

VulnCheck Advisory: X-NetStat Pro 5.63 Local Buffer Overflow via EggHunter

https://www.vulncheck.com/advisories/x-netstat-pro-local-buffer-overflow-via-egghunter

Scores

CVSS v3 8.4

EPSS 0.0018

EPSS Percentile 8.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-787

Status published

Products (1)

Freshsoftware/NetStat Pro 5.63 #

Published Mar 24, 2026

Tracked Since Mar 24, 2026