Nsasoft SpotAuditor
cpe:2.3:a:nsauditor:spotauditor:*:*:*:*:*:*:*
- <= 5.3.1.0
A denial-of-service vulnerability has been identified in SpotAuditor version 5.3.1.0. This vulnerability allows unauthenticated attackers to crash the application by sending excessive data in the registration name field. During the registration process, entering a large string of characters (5000 bytes or more) in the name field triggers an unhandled exception that causes the application to crash.
Exploitation of this vulnerability leads to a crash of the SpotAuditor application, causing a denial-of-service condition.
To reproduce this vulnerability, install SpotAuditor version 5.3.1.0 and access the registration feature. In the name field, enter 5000 bytes of data, such as 5000 'A' characters, and submit the registration. This will trigger an unhandled exception and crash the application.