CVE-2019-25736 HIGH

CVE-2019-25736: LabF nfsAxe 3.7 Ping Client Buffer Overflow

Vendor Labf
Product LabF nfsAxe
Weakness CWE-120
Published June 4, 2026
Last update June 4, 2026

CVSS base score

8.6/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

LabF nfsAxe 3.7 Ping Client contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload in the Host IP field. Attackers can craft a specially formatted input file with shellcode and overwrite the return address to execute calc.exe or other arbitrary commands.

Key dates

02Disclosure timeline

June 4, 2026 CVE published
June 4, 2026 Record updated