CVE-2020-37177
Published: 11 February 2026
Summary
CVE-2020-37177 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Weird Solutions (inferred from references). Its CVSS base score is 7.5 (High).
Operationally, ranked at the 12.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
NVD Description
BOOTP Turbo 2.0 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the Structured Exception Handler (SEH). Attackers can generate a malicious payload of 2196 bytes with specific byte patterns to trigger an application…
more
crash and corrupt the SEH chain.
Deeper analysisAI
CVE-2020-37177 is a denial of service vulnerability affecting BOOTP Turbo 2.0. The flaw enables attackers to crash the application by overwriting the Structured Exception Handler (SEH) chain through a specially crafted malicious payload of 2196 bytes containing specific byte patterns. This triggers an application crash and SEH corruption. The vulnerability carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and maps to CWE-121 (Stack-based Buffer Overflow).
Remote attackers can exploit this vulnerability without privileges or user interaction by sending the malicious payload over the network to a vulnerable BOOTP Turbo 2.0 instance. Successful exploitation results in a denial of service, rendering the application unavailable due to the crash.
Advisories and related resources include a proof-of-concept exploit at https://www.exploit-db.com/exploits/47955, a VulnCheck advisory detailing the BOOTP Turbo denial of service via SEH at https://www.vulncheck.com/advisories/bootp-turbo-denial-of-service-seh, and the vendor site at https://www.weird-solutions.com. No specific patches or mitigations are detailed in the provided information.
Details
- CWE(s)