CVE-2020-37201
Published: 11 February 2026
Summary
CVE-2020-37201 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability in Nsasoft Netsharewatcher. Its CVSS base score is 7.5 (High).
Operationally, ranked at the 4.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Threat & Defense Details
Likely Mitigating ControlsAI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Platform-independent managed code eliminates the need for unchecked native buffer copies that are the root cause of classic buffer overflows.
NVD Description
NetShareWatcher 1.5.8.0 contains a buffer overflow vulnerability in the registration name input that allows attackers to crash the application. Attackers can generate a 1000-character payload and paste it into the 'Name' field to trigger an application crash.
Deeper analysisAI
CVE-2020-37201 is a buffer overflow vulnerability (CWE-120) affecting NetShareWatcher version 1.5.8.0, specifically in the registration name input field. The issue allows attackers to crash the application by generating and pasting a 1000-character payload into the 'Name' field.
According to its CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), the vulnerability can be exploited remotely over the network with low attack complexity, requiring no privileges or user interaction. Attackers can achieve a denial of service by crashing the application, with high impact to availability but no impact to confidentiality or integrity.
References include a proof-of-concept exploit on Exploit-DB (ID 47848), a VulnCheck advisory detailing the NetShareWatcher name denial-of-service, and the vendor site at nsauditor.com. No specific patch or mitigation details are outlined in the provided information.
Details
- CWE(s)