CVE-2019-25572
Received - Intake
Denial of Service via Buffer Overflow in NordVPN

Publication date: 2026-03-21

Last updated on: 2026-04-15

Assigner: VulnCheck

Description
NordVPN 6.19.6 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the email input field. Attackers can paste a buffer of 100,000 characters into the email field during login to trigger an application crash.
Meta Information
Published: 2026-03-21
Last Modified: 2026-04-15
Generated: 2026-06-16
AI Q&A: 2026-03-21
EPSS Evaluated: 2026-06-14
Affected Vendors & Products
Showing 1 associated CPE
Vendor | Product | Version / Range
nordvpn | nordvpn | to 6.19.6 (inc)
CWE ID | Description
CWE-1260 | The product allows address regions to overlap, which can result in the bypassing of intended memory protection.
Executive Summary

CVE-2019-25572 is a denial of service vulnerability in NordVPN version 6.19.6 and earlier. It occurs because the application improperly handles input in the email field during login.

An attacker can submit an excessively long string (specifically, a buffer of 100,000 characters) into the email input field. This causes a buffer overflow that crashes the NordVPN client application.

The attack is local, meaning the attacker must have access to the system running NordVPN. No special privileges or user interaction are required beyond pasting the large input into the email field.

Impact Analysis

This vulnerability can cause the NordVPN client application to crash, resulting in a denial of service.

Because the application crashes, legitimate users may be unable to use NordVPN until the application is restarted or the issue is resolved.

The impact is on availability, meaning the VPN service becomes temporarily unavailable, which could disrupt secure network connections.

Compliance Impact

I don't know

Detection Guidance

This vulnerability can be detected by attempting to reproduce the denial of service condition on the affected NordVPN client version 6.19.6 by submitting an excessively long string in the email input field during login.

A proof-of-concept method involves creating a buffer of 100,000 characters and pasting it into the email field of the NordVPN login interface to observe if the application crashes.

- Run a Python script to generate a file (e.g., PoC.txt) containing 100,000 'A' characters.
- Copy the contents of this file to the clipboard.
- Open the NordVPN application and paste the large buffer into the email field.
- Enter any password and attempt to sign in.

If the application crashes, the vulnerability is present. [1]

Mitigation Strategies

I don't know
