CVE-2020-37036

High CVSS: 7.1

RM Downloader 2.50.60 contains a local buffer overflow vulnerability in the 'Load' parameter that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious payload with an egg hunter technique to bypass memory protections and execute commands like launching calc.exe.

Vendor

Product

CWE

CWE-120

Yayın Tarihi

2026-01-30 23:16:09

Güncelleme

2026-02-03 16:44:36

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-120 HIGH 2026

Referanslar

https://github.com/x00x00x00x00/RMDownloader_2.50.60 https://rm-downloader.software.informer.com/ https://www.exploit-db.com/exploits/48628 https://www.vulncheck.com/advisories/rm-downloader-load-local-buffer-overflow