CVE-2020-37132

Medium CVSS: 6.7

UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in its password configuration properties that allows local attackers to crash the application. Attackers can paste an overly long 300-character string into the password field to trigger an application crash and prevent normal launcher functionality.

Vendor

Uvnc

Product

Ultravnc

CWE

CWE-121

Yayın Tarihi

2026-02-05 17:16:08

Güncelleme

2026-02-09 22:08:53

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-121 Ultravnc MEDIUM Uvnc 2026

Referanslar

https://www.exploit-db.com/exploits/48290 https://www.uvnc.com/ https://www.vulncheck.com/advisories/ultravnc-launcher-password-denial-of-service

Benzer Kayıtlar

Medium

CVE-2019-25563

PCHelpWareV2 1.0.0.5 contains a denial of service vulnerability that allows local attackers to crash the application by…

Medium

CVE-2019-25564

PCHelpWareV2 1.0.0.5 contains a denial of service vulnerability that allows local attackers to crash the application by…

High

CVE-2026-3787

A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an unknown function in the library cryptbase…

Medium

CVE-2020-37133

UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in the Repeater Host configuration field that allow…