Cyber Resilience

CVE-2020-37107

Medium · Public PoC

Published: 07 February 2026

Modified
15 April 2026
KEV Added
Patch
CVSS Score (v4): 6.7 (CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0003 (8.2th percentile)
Risk Priority: 13 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2020-37107 is a medium-severity Classic Buffer Overflow (CWE-120) vulnerability in Coreftp (inferred from references). Its CVSS base score is 6.7 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The CVE ranks at the 8.2th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2020-37107 is a denial-of-service vulnerability in Core FTP LE version 2.2. The issue stems from a buffer overflow (CWE-120), where attackers can crash the application by overwriting the account field with a large buffer, such as pasting content from a text file containing 20,000 repeated characters into the field.

The vulnerability carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), indicating that it is exploitable remotely over the network with low attack complexity and with no privileges or user interaction required. Attackers can achieve a high-impact denial of service, causing the application to become unresponsive and requiring reinstallation to recover.

Advisories and references include the vendor site at coreftp.com and its download page, a proof-of-concept exploit on Exploit-DB (ID 48137), and a VulnCheck advisory detailing the Core FTP LE denial-of-service vulnerability. No specific patch details are outlined in the provided information.

EU & UK References

Vulnerability details

Core FTP LE 2.2 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the account field with a large buffer. Attackers can create a text file with 20,000 repeated characters and paste it into the account field to cause the application to become unresponsive and require reinstallation.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1499.004 Application or System Exploitation (Impact)
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Buffer overflow enables remote application crash for DoS via exploitation (T1499.004).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-20115 (shared CWE-120)
CVE-2020-37205 (shared CWE-120)
CVE-2026-28875 (shared CWE-120)
CVE-2020-37194 (shared CWE-120)
CVE-2020-37180 (shared CWE-120)
CVE-2024-24419 (shared CWE-120)
CVE-2019-25353 (shared CWE-120)
CVE-2026-30075 (shared CWE-120)
CVE-2020-37213 (shared CWE-120)
CVE-2021-47798 (shared CWE-120)

Affected Assets

Coreftp
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent: Directly enforces validation of account-field input size/format to block the oversized buffer that triggers the CWE-120 overflow.

prevent: Applies memory-protection mechanisms (e.g., ASLR, DEP, bounds checking) that can stop or contain the buffer overflow before it crashes the Core FTP process.

prevent: Limits the impact of the resulting denial-of-service condition on system availability when the vulnerable client is exploited remotely.
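The SI-10 control above comes down to one rule: check the length of a field before it is copied into a fixed-size buffer. The following C program is an added illustration of that rule and is not Core FTP's code; the record layout, the 64-byte `ACCOUNT_MAX` limit and the function names are assumptions. It shows the CWE-120 shape (an unchecked `strcpy` into a fixed buffer) next to a checked setter that rejects an oversized or control-character input and leaves the record untouched, then feeds the checked setter a constructed 20,000-character input like the one described in the advisory.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical fixed-size profile record; the limit is an assumption, not Core FTP's. */
#define ACCOUNT_MAX 64

struct site_profile {
    char host[128];
    char account[ACCOUNT_MAX];
};

/* Length of s, scanning at most limit bytes (never reads past an unterminated input). */
static size_t bounded_len(const char *s, size_t limit) {
    size_t n = 0;
    while (n < limit && s[n] != '\0') n++;
    return n;
}

/* CWE-120 shape: copies without checking the destination size.
 * Kept only to show the pattern; it is never called with untrusted input below. */
int set_account_unchecked(struct site_profile *p, const char *input) {
    strcpy(p->account, input);   /* overflows when strlen(input) >= ACCOUNT_MAX */
    return 0;
}

/* SI-10 style: validate size and character set before the copy.
 * Returns 0 on success, -1 on rejection; on rejection the record is left untouched. */
int set_account_checked(struct site_profile *p, const char *input) {
    size_t len = bounded_len(input, ACCOUNT_MAX);
    if (len >= ACCOUNT_MAX)          /* too long to fit with its terminator: reject */
        return -1;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)input[i];
        if (c < 0x20 || c == 0x7f)   /* no control characters in an account name */
            return -1;
    }
    memcpy(p->account, input, len);
    p->account[len] = '\0';
    return 0;
}

/* Constructed input: n copies of ch, like the 20,000-character paste in the advisory.
 * The caller frees the result. */
char *make_repeated(char ch, size_t n) {
    char *buf = malloc(n + 1);
    if (buf == NULL) return NULL;
    memset(buf, ch, n);
    buf[n] = '\0';
    return buf;
}

int main(void) {
    struct site_profile p;
    memset(&p, 0, sizeof p);
    char *big = make_repeated('A', 20000);
    if (big == NULL) return 1;

    printf("short name: %s\n",
           set_account_checked(&p, "alice") == 0 ? "accepted" : "rejected");
    printf("20000-char paste: %s\n",
           set_account_checked(&p, big) == 0 ? "accepted" : "rejected");
    printf("account field still holds: \"%s\"\n", p.account);

    free(big);
    return 0;
}
```

The checked setter reports rejection to the caller instead of truncating silently, so a UI can show an error while the underlying record stays valid; truncation with `strncpy` would avoid the crash but could still store a name the user did not intend.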

References