CVE-2020-37001
Published: 29 January 2026
Summary
CVE-2020-37001 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability. Its CVSS base score is 8.4 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 4.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2020-37001 is a local buffer overflow vulnerability (CWE-121) in Frigate Professional version 3.36.0.9, specifically within the Pack File feature. The issue arises from overflowing the 'Archive To' input field, which enables attackers to overwrite the Structured Exception Handler (SEH) and utilize an egghunter technique to execute arbitrary code, such as a reverse shell payload. The vulnerability carries a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and was published on 2026-01-29.
Local attackers can exploit this vulnerability with low attack complexity, requiring no privileges or user interaction. Exploitation allows achievement of high impacts on confidentiality, integrity, and availability through arbitrary code execution, including establishing a reverse shell on the affected system.
Advisories, including those from VulnCheck and Exploit-DB (exploit 48688), detail the SEH overwrite and egghunter mechanics in the Pack File feature. An archived Frigate website is also referenced, but no specific patches or mitigation steps are described in the available references.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2020-30912
Vulnerability details
Frigate Professional 3.36.0.9 contains a local buffer overflow vulnerability in the Pack File feature that allows attackers to execute arbitrary code by overflowing the 'Archive To' input field. Attackers can craft a malicious payload that overwrites the Structured Exception Handler…
more
(SEH) and uses an egghunter technique to execute a reverse shell payload.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Local buffer overflow in client application (Frigate Pack File) directly enables arbitrary code execution via SEH overwrite/egghunter, mapping to Exploitation for Client Execution.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Validating the 'Archive To' input field prevents buffer overflows by enforcing bounds and format checks on user-supplied data.
Memory protections like stack canaries, ASLR, and DEP thwart SEH overwrites and egghunter techniques used in the buffer overflow exploitation.
Timely flaw remediation through patching addresses the specific buffer overflow vulnerability in the Pack File feature of Frigate Professional 3.36.0.9.