CVE-2020-35488

HIGH

nxlog < 3.0.2272 - Denial of Service via Crafted Syslog Payload

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2020-35488. PoCs published by Guillaume PETIT, GuillaumePetit84, githubfoam.

AI-analyzed exploit summary This Python script exploits CVE-2020-35488, a DoS vulnerability in Nxlog Community Edition 2.10.2150 by sending a malformed syslog message. The exploit uses Scapy to craft and send a UDP packet with a specific payload that triggers the vulnerability.

Description

The fileop module of the NXLog service in NXLog Community Edition 2.10.2150 allows remote attackers to cause a denial of service (daemon crash) via a crafted Syslog payload to the Syslog service. This attack requires a specific configuration. Also, the name of the directory created must use a Syslog field. (For example, on Linux it is not possible to create a .. directory. On Windows, it is not possible to create a CON directory.)

Exploits (3)

exploitdb WORKING POC
by Guillaume PETIT · textdosmultiple
https://www.exploit-db.com/exploits/49283

This Python script exploits CVE-2020-35488, a DoS vulnerability in Nxlog Community Edition 2.10.2150 by sending a malformed syslog message. The exploit uses Scapy to craft and send a UDP packet with a specific payload that triggers the vulnerability.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Nxlog Community Edition 2.10.2150
No auth needed
Prerequisites: Network access to the target Nxlog server · Python 3 with Scapy library
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC 1 stars
by GuillaumePetit84 · poc
https://github.com/GuillaumePetit84/CVE-2020-35488

This repository contains a functional Python script that exploits CVE-2020-35488, a deserialization vulnerability in NXLOG Community Edition 2.10.2150. The exploit sends a crafted syslog message to trigger a denial-of-service (DoS) by attempting to create a directory with an invalid name (e.g., '..' or 'CON').

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: NXLOG Community Edition 2.10.2150
No auth needed
Prerequisites: NXLOG server with a specific configuration that uses syslog payload fields to create directories · Network access to the NXLOG server on the syslog port (default 514/UDP)
devstral-2 · analyzed Feb 18, 2026 Full analysis →
nomisec WORKING POC
by githubfoam · poc
https://github.com/githubfoam/nxlog-ubuntu-githubactions

This repository contains a functional exploit PoC for CVE-2020-35488, targeting NXlog CE on Ubuntu 18.04. It automates the deployment of a vulnerable NXlog instance and clones a separate exploit repository to demonstrate the vulnerability.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: NXlog CE 2.11.2190
No auth needed
Prerequisites: Ubuntu 18.04 environment · Internet access to download NXlog and exploit code
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Mitigation, Third Party Advisory x_refsource_misc
https://github.com/GuillaumePetit84/CVE-2020-35488

Scores

CVSS v3 7.5
EPSS 0.0760
EPSS Percentile 93.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-502
Status published
Products (1)
nxlog/nxlog < 3.0.2272
Published Jan 05, 2021
Tracked Since Feb 18, 2026