Cyber Resilience

CVE-2020-37182

HighPublic PoC

Published: 11 February 2026

Published
11 February 2026
Modified
15 April 2026
KEV Added
Patch
CVSS Score v4 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0048 37.5th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2020-37182 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability. Its CVSS base score is 8.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 37.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2020-37182 is a stack-based buffer overflow vulnerability (CWE-121) affecting Redir version 3.3 in the doproxyconnect() function. The flaw stems from the use of sprintf() without proper length checking on oversized input, enabling memory overwrite that leads to a segmentation fault and application crash.

The vulnerability carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), indicating it is exploitable remotely over the network by unauthenticated attackers with low complexity and no user interaction. Exploitation causes a denial of service through program termination.

Advisories and related resources include a denial-of-service advisory from Vulncheck at https://www.vulncheck.com/advisories/redir-denial-of-service, a proof-of-concept exploit at https://www.exploit-db.com/exploits/47919, and the project's GitHub repository at https://github.com/troglobit/redir.

EU & UK References

Vulnerability details

Redir 3.3 contains a stack overflow vulnerability in the doproxyconnect() function that allows attackers to crash the application by sending oversized input. Attackers can exploit the sprintf() buffer without proper length checking to overwrite memory and cause a segmentation fault,…

more

resulting in program termination.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1499.004 Application or System Exploitation Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Remote unauthenticated buffer overflow in public-facing Redir proxy tool directly enables application crash via exploitation (T1190 for public app DoS vector; T1499.004 for endpoint DoS through software exploitation).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-29149Shared CWE-121
CVE-2025-70656Shared CWE-121
CVE-2025-71023Shared CWE-121
CVE-2025-70744Shared CWE-121
CVE-2026-29068Shared CWE-121
CVE-2025-70644Shared CWE-121
CVE-2025-29121Shared CWE-121
CVE-2025-15608Shared CWE-121
CVE-2025-70238Shared CWE-121
CVE-2025-65805Shared CWE-121

Affected Assets

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly prevents the stack overflow by requiring validation of oversized input before processing in the doproxyconnect() function.

prevent

Implements memory safeguards like stack canaries to detect and prevent unauthorized memory overwrites from the sprintf() buffer overflow.

prevent

Ensures timely remediation and patching of the known buffer overflow flaw in Redir 3.3 to eliminate the vulnerability.

References