8.7
CVE-2026-2071 - UTT 进取 520W formP2PLimitConfig strcpy buffer overflow
A vulnerability was found in UTT 进取 520W 1.7.7-180627. The impacted element is the function strcpy of the file /goform/formP2PLimitConfig. Performing a manipulation of the argument except results in buffer overflow. The attack is possible to be carried out remotely. The exploit has been made public…
5.1
CVE-2020-37079 - Wing FTP Server < 6.2.7 - Cross-site Request Forgery
Wing FTP Server versions prior to 6.2.7 contain a cross-site request forgery (CSRF) vulnerability in the web administration interface that allows attackers to delete admin users. Attackers can craft a malicious HTML page with a hidden form to submit a request that deletes the administrative user ac…
6.7
CVE-2020-37171 - TapinRadio 2.12.3 - 'username' Denial of Service
TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy username configuration that allows local attackers to crash the application. Attackers can overwrite the username field with 10,000 bytes of arbitrary data to trigger an application crash and prevent normal progra…
6.7
CVE-2020-37170 - TapinRadio 2.12.3 - 'address' Denial of Service
TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy address configuration that allows local attackers to crash the application. Attackers can overwrite the address field with 3000 bytes of arbitrary data to trigger an application crash and prevent normal program fu…
6.9
CVE-2020-37166 - AbsoluteTelnet 11.12 - 'SSH2/username' Denial of Service
AbsoluteTelnet 11.12 contains a denial of service vulnerability in the SSH2 username input field that allows local attackers to crash the application. Attackers can overwrite the username field with a 1000-byte buffer, causing the application to become unresponsive and terminate.