Primary

Context

ASPRunner.NET Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in ASPRunner.NET version 10.1. This vulnerability allows local attackers to crash the application by entering an excessively long string, up to 10,000 characters, in the table name field during the database table creation process.

Impact

Exploiting this vulnerability leads to a crash of the ASPRunner.NET application.

Reproduction

To reproduce this vulnerability, create a Python script that generates a string of 10,000 characters. Save this string to a text file. Then, open ASPRunner.NET and start the process to create a new database. When prompted to enter a table name, paste the contents of the text file into the table name field and proceed to create the table. The application will crash, demonstrating the denial-of-service vulnerability.

Added: Mar 22, 2026, 2:33 PM

Updated: Mar 22, 2026, 2:33 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.6

remediation

0.0

relevance

4.6

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.6

remediation

0.0

relevance

4.6

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ASPRunner.NET Denial-of-Service Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating