CVE-2020-37170

MEDIUM EPSS 13.6%
Published Feb 7, 20264mo ago · Modified Jun 17, 20261w ago
6.7 CVSS 4.0
Medium
Find Similar
Published Feb 7, 2026 4mo ago
Last Modified Jun 17, 2026 1w ago

Description

TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy address configuration that allows local attackers to crash the application. Attackers can overwrite the address field with 3000 bytes of arbitrary data to trigger an application crash and prevent normal program functionality.

CVSS Details

Base Score
6.7
Exploitability
Impact
Vector string
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Local
Attack Complexity Low
Privileges Required None
User Interaction A
Scope X

Threat Intelligence

EPSS Exploit Probability
13.6% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-120

Affected Products 1

VendorProductVersionRange
raimersofttapinradio* ≤2.12.3

References 3

  • exploit-db.com https://www.exploit-db.com/exploits/48011
    ExploitThird Party AdvisoryVDB Entry
  • raimersoft.com https://www.raimersoft.com/php/tapinradio.php
    Product
  • vulncheck.com https://www.vulncheck.com/advisories/tapinradio-address-denial-of-service
    Third Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.