PatchSiren

CVE-2020-37197 Nsasoft CVE debrief

CVE-2020-37197 is a denial of service vulnerability in Dnss Domain Name Search Software. An attacker can crash the application by providing a specially crafted input that overflows the 'Name' field. This can be achieved by generating a 1000-character buffer payload and pasting it into the registration name field. The vulnerability has a CVSS score of 4.6 and is classified as MEDIUM severity. The CVE was published on 2026-02-11T21:16:14.297Z and last modified on 2026-06-29T18:30:11.547Z.

Vendor: Nsasoft
Product: Nsauditor Dnss Domain Name Search Software
CVSS: MEDIUM 4.6
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-02-11
Original CVE updated: 2026-06-29
Advisory published: 2026-02-11
Advisory updated: 2026-06-29

Who should care

Organizations using Dnss Domain Name Search Software should be aware of this vulnerability and take necessary precautions to prevent exploitation. The vulnerability can be exploited by attackers to crash the application, potentially leading to denial of service. Users of the software should ensure they are running a version that is not vulnerable and consider implementing compensating controls to detect and prevent such attacks.

Technical summary

The vulnerability exists in the Dnss Domain Name Search Software due to improper handling of input in the 'Name' field. An attacker can exploit this vulnerability by providing a specially crafted input that overflows the buffer, leading to a denial of service condition. The CVSS vector for this vulnerability is CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. The weakness associated with this vulnerability is CWE-120.

Defensive priority

This vulnerability has a MEDIUM severity and a CVSS score of 4.6. Organizations should prioritize patching or mitigating this vulnerability to prevent potential denial of service attacks.

Recommended defensive actions

  • Apply the patch or update provided by the vendor to fix the vulnerability.
  • Implement compensating controls such as input validation and buffering to detect and prevent buffer overflow attacks.
  • Monitor the application for unusual activity and implement logging and alerting to detect potential exploitation attempts.
  • Consider implementing a web application firewall (WAF) to detect and prevent common web attacks.
  • Conduct regular vulnerability assessments and penetration testing to identify and address potential vulnerabilities.

Evidence notes

The CVE-2020-37197 vulnerability was published on 2026-02-11T21:16:14.297Z and last modified on 2026-06-29T18:30:11.547Z. The vulnerability has a CVSS score of 4.6 and is classified as MEDIUM severity. The CVE is associated with CWE-120. The vulnerability can be exploited by attackers to crash the application, potentially leading to denial of service.

This article is AI-assisted and based on the supplied source corpus.