CVE-2020-37205
Published: 11 February 2026
Summary
CVE-2020-37205 is a medium-severity Classic Buffer Overflow (CWE-120) vulnerability in Nsasoft Remshutdown. Its CVSS base score is 4.6 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked at the 4.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2020-37205 is a denial of service vulnerability in RemShutdown 2.9.0.0, stemming from a buffer overflow in the 'Name' registration field (CWE-120). Attackers can trigger the issue by submitting oversized input, such as a 1000-character payload, leading to an application crash. The vulnerability received a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), highlighting its high availability impact with network accessibility and no prerequisites for exploitation.
Any remote attacker can exploit this vulnerability without privileges or user interaction by pasting a specially crafted 1000-character buffer payload into the registration name field, causing the RemShutdown application to crash and deny service to legitimate users.
Advisories and related resources include the VulnCheck advisory at https://www.vulncheck.com/advisories/remshutdown-name-denial-of-service, a proof-of-concept exploit on Exploit-DB at https://www.exploit-db.com/exploits/47865, and the vendor site at http://www.nsauditor.com/. No patch details are specified in available information.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2020-31183
Vulnerability details
RemShutdown 2.9.0.0 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' registration field. Attackers can generate a 1000-character buffer payload and paste it into the registration name field to trigger an application…
more
crash.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Buffer overflow in network-accessible registration field directly enables application crash via crafted input, mapping to application exploitation for endpoint DoS.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Validates the length and format of inputs to the 'Name' registration field, directly preventing buffer overflow crashes from oversized payloads like 1000-character strings.
Enforces size restrictions on inputs to the registration name field at application boundaries, blocking oversized payloads that trigger the buffer overflow denial of service.
Implements denial-of-service protections such as input rate limiting and resource throttling to mitigate crashes from remote oversized input attacks on RemShutdown.