CVE-2020-37209

CVSS v3.1

7.5

High

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

SpotFTP 3.0.0.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2020-37209

Affected Products

Nsauditor Spotftp Ftp Password Recovery

Spotftp

CVE-2020-37209

Weakness Enumeration

Related Identifiers

Affected Products

References · 5