CVE-2020-37069 | THREATINT

Description

Konica Minolta FTP Utility 1.0 contains a buffer overflow vulnerability in the NLST command that allows attackers to overwrite system registers. Attackers can send an oversized buffer of 1500 'A' characters to crash the FTP server and potentially execute unauthorized code.

PUBLISHED Reserved 2026-02-01 | Published 2026-02-03 | Updated 2026-02-04 | Assigner VulnCheck

HIGH: 8.7CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

CRITICAL: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Problem types

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Product status

1.0

affected

Credits

Alvaro J. Gene (Socket_0x03) finder

References

www.exploit-db.com/exploits/48502 (ExploitDB-48502) exploit

konica-minolta-ftp-utility.software.informer.com/download/ (Konica Minolta FTP Utility Download Page) product

www.konicaminolta.us/ (Konica Minolta Vendor Homepage) product

www.vulncheck.com/...olta-ftp-utility-nlst-denial-of-service (VulnCheck Advisory: Konica Minolta FTP Utility 1.0 - 'NLST' Denial of Service) third-party-advisory

cve.org (CVE-2020-37069)

nvd.nist.gov (CVE-2020-37069)

Download JSON