CVE-2020-37202
Published: 11 February 2026
Summary
CVE-2020-37202 is a Classic Buffer Overflow (CWE-120) vulnerability in NetworkSleuth, a product of Nsauditor (product inferred from references). This summary scores it CVSS 4.6 (Medium); the vector quoted in the deeper analysis below (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) computes to 7.5 (High), so the two figures come from different scorings and should not be read as one rating.
Operationally, exploitation maps to the MITRE ATT&CK technique Application or System Exploitation (T1499.004, a sub-technique of Endpoint Denial of Service). It is ranked at the 2.4th percentile by exploit likelihood (well below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2020-37202 is a denial-of-service vulnerability affecting NetworkSleuth version 3.0.0.0, caused by improper handling of oversized input in the registration key field, classified under CWE-120 (Classic Buffer Overflow). An attacker generates a 1000-character buffer payload and pastes it into this field; the copy into a fixed-size buffer overruns it and the application crashes, making the software unavailable. The CVSS v3.1 vector attached to this entry is 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), i.e. high impact on availability and none on confidentiality or integrity (this differs from the 4.6 given in the summary above).
Read literally, that vector claims remote exploitation by an unauthenticated attacker with no user interaction. The steps the references describe do not match it: the payload is pasted into the registration-key field of the running application, which needs a local session and a user action. In practice this is a local denial of service (anyone able to drive the GUI, or a process that can inject into its input field, terminates the application), and the AV:N/UI:N vector should be treated as an upper bound rather than as a description of the attack path. Either way the impact is confined to availability: the process dies and legitimate users lose the service until it is restarted.
References include the vendor site at nsauditor.com, an Exploit-DB proof-of-concept at exploit-db.com/exploits/47853, and a VulnCheck advisory at vulncheck.com/advisories/networksleuth-key-denial-of-service, which detail the vulnerability but do not specify patches or mitigations.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2020-31186
Vulnerability details
NetworkSleuth 3.0.0.0 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character buffer payload and paste it into the registration key field to trigger an application crash.
- CWE(s): CWE-120 (Classic Buffer Overflow)
Related Threats
MITRE ATT&CK Enterprise Techniques: T1499.004 (Application or System Exploitation, under Endpoint Denial of Service)
Why these techniques?
A buffer overflow in the registration-key input directly lets an attacker crash the application, which is Endpoint DoS via Application or System Exploitation (T1499.004).
Affected Assets
- NetworkSleuth 3.0.0.0 (Nsauditor)
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): validate all inputs, including the registration-key field, and reject oversized values before they reach the buffer-handling code. This is the control that removes the defect rather than containing it.
- SI-16 (Memory Protection): stack canaries, non-executable stacks and address-space randomization detect or block the out-of-bounds write triggered by the 1000-character key. Note the limit: these turn a corrupting overflow into a controlled abort, so the process still terminates and the availability impact remains.
- SC-5 (Denial-of-Service Protection): limit the availability impact of an oversized-input crash against NetworkSleuth, for example by restarting the service automatically and restricting who can reach the input field.
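The vulnerable pattern the deeper analysis describes (an oversized registration key copied into a fixed buffer) next to the bounded handler that the SI-10 control calls for, as an added example written for this page. NetworkSleuth is closed source, so this is not its code: the 64-byte buffer, the function names, the "NS-" prefix check and the 1000-byte string of 'A's are assumptions modelled on the PoC description in the references.

```c
/*
 * Added example for this page: a minimal reproduction of the CWE-120 pattern
 * behind the described crash, next to a hardened handler. It is NOT
 * NetworkSleuth's source; KEY_BUF, the function names, the "NS-" prefix rule
 * and the 'A' * 1000 payload are assumptions modelled on the PoC description.
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define KEY_BUF     64    /* assumed size of the fixed registration-key buffer */
#define PAYLOAD_LEN 1000  /* the 1000-character payload the references describe */

enum key_result { KEY_OK = 0, KEY_BAD_FORMAT = 1, KEY_TOO_LONG = 2 };

/* Constructed PoC-style input: PAYLOAD_LEN bytes of 'A', NUL-terminated.
   Returns a heap buffer the caller frees, or NULL on allocation failure. */
char *build_payload(void)
{
    char *p = malloc(PAYLOAD_LEN + 1);
    if (p == NULL)
        return NULL;
    memset(p, 'A', PAYLOAD_LEN);
    p[PAYLOAD_LEN] = '\0';
    return p;
}

/* Vulnerable pattern: unbounded strcpy of attacker-controlled text into a
   fixed stack buffer. With the 1000-byte payload this writes far past the end
   of buf; the process dies (stack-smash abort or fault), which is the denial
   of service. Shown only to illustrate the defect class. */
enum key_result check_key_vulnerable(const char *key)
{
    char buf[KEY_BUF];
    strcpy(buf, key);                       /* CWE-120: no length check */
    return strncmp(buf, "NS-", 3) == 0 ? KEY_OK : KEY_BAD_FORMAT;
}

/* Hardened form (the SI-10 control): find the terminator within the buffer
   size before any copy, reject oversized keys outright, and copy at most
   KEY_BUF-1 bytes. memchr never scans beyond KEY_BUF bytes of the input. */
enum key_result check_key_hardened(const char *key)
{
    char buf[KEY_BUF];
    const char *nul = memchr(key, '\0', KEY_BUF);
    if (nul == NULL)
        return KEY_TOO_LONG;                /* oversized input never reaches buf */
    size_t len = (size_t)(nul - key);       /* guaranteed < KEY_BUF */
    memcpy(buf, key, len);
    buf[len] = '\0';
    return strncmp(buf, "NS-", 3) == 0 ? KEY_OK : KEY_BAD_FORMAT;
}

int main(void)
{
    char *payload = build_payload();
    if (payload == NULL)
        return 1;
    printf("payload length: %zu\n", strlen(payload));
    printf("hardened handler on payload   -> %d (2 = rejected as too long)\n",
           check_key_hardened(payload));
    printf("hardened handler on short key -> %d (0 = format ok)\n",
           check_key_hardened("NS-1234-5678"));
#ifdef DEMO_CRASH
    /* Compile with -DDEMO_CRASH to reproduce the crash; this call does not
       return normally. */
    check_key_vulnerable(payload);
#endif
    free(payload);
    return 0;
}
```

Built with a stack protector (the default on most Linux toolchains) and run with -DDEMO_CRASH, the vulnerable handler aborts with a stack-smashing report instead of silently corrupting its frame. That is the SI-16 control at work, and it also shows its limit: the process still terminates, so the availability impact remains. The hardened handler never copies an input it has not bounded first, so the oversized key is rejected before it can touch the buffer.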