CVE-2020-37155

Medium CVSS: 6.7

Core FTP Lite 1.3 contains a buffer overflow vulnerability in the username input field that allows attackers to crash the application by supplying oversized input. Attackers can generate a 7000-byte payload of repeated 'A' characters to trigger an application crash without requiring additional interaction.

Vendor

Product

CWE

CWE-120

Yayın Tarihi

2026-02-07 00:15:55

Güncelleme

2026-02-09 16:08:55

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-120 MEDIUM 2026

Referanslar

http://www.coreftp.com/ https://www.exploit-db.com/exploits/48100 https://www.vulncheck.com/advisories/core-ftp-lite-denial-of-service-poc