CVE-2020-37182 | THREATINT

Description

Redir 3.3 contains a stack overflow vulnerability in the doproxyconnect() function that allows attackers to crash the application by sending oversized input. Attackers can exploit the sprintf() buffer without proper length checking to overwrite memory and cause a segmentation fault, resulting in program termination.

PUBLISHED Reserved 2026-02-10 | Published 2026-02-11 | Updated 2026-02-12 | Assigner VulnCheck

HIGH: 8.7CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Problem types

Stack-based Buffer Overflow

Product status

3.3

affected

Credits

hieubl from HPT Cyber Security finder

References

www.exploit-db.com/exploits/47919 (ExploitDB-47919) exploit

github.com/troglobit/redir (Redir Project GitHub Repository) product

www.vulncheck.com/advisories/redir-denial-of-service (VulnCheck Advisory: Redir 3.3 - Denial of Service) third-party-advisory

cve.org (CVE-2020-37182)

nvd.nist.gov (CVE-2020-37182)

Download JSON