PT-2026-4928 · Unknown · Tapinradio

Ismael Nava

Published

2026-01-27

Updated

2026-02-20

CVE-2020-36949

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions TapinRadio version 2.13.7

Description TapinRadio version 2.13.7 contains a denial of service issue in the application proxy settings. An attacker can cause the program to crash by overflowing input fields. Specifically, pasting a large buffer of approximately 20,000 characters into the username and address fields leads to the application becoming unresponsive and requiring reinstallation.

Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, limit the input length allowed in the username and address fields within the application proxy settings.

Exploit

Fix

DoS

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770

Related Identifiers

CVE-2020-36949

Affected Products

Tapinradio

PT-2026-4928 · Unknown · Tapinradio

CVE-2020-36949

Weakness Enumeration

Related Identifiers

Affected Products

References · 7