CVE-2020-37001
Buffer Overflow in Frigate Pack File Enables Remote Code Execution
Publication date: 2026-01-29
Last updated on: 2026-01-29
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| unknown_vendor | frigate_professional | 3.36.0.9 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a local buffer overflow in Frigate Professional version 3.36.0.9, specifically in the 'Pack File' feature's 'Archive To' input field. An attacker with local access can craft a malicious input that overflows the buffer and overwrites the Structured Exception Handler (SEH). Using an egghunter technique, the attacker can execute arbitrary code, such as a reverse shell payload, on the affected system. [1, 3]
How can this vulnerability impact me? :
If exploited, this vulnerability allows an attacker with local access to execute arbitrary code on your system. This can lead to unauthorized control over the affected machine, including running a reverse shell, which could be used to further compromise your system or network. [1, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking if the system is running Frigate Professional version 3.36.0.9 and if the 'Pack File' feature is accessible. Since the exploit involves pasting a specially crafted payload into the 'Archive To' input field in the File -> Pack menu of Frigate3.exe, detection can involve monitoring for unusual or large inputs in this field or attempts to trigger the buffer overflow. There are no specific network commands provided for detection as the exploit is local. However, you can verify the presence of the vulnerable application version and monitor clipboard or input activity related to the 'Pack File' feature. Additionally, running the provided proof-of-concept Python script (from Resource 1) in a controlled environment can help confirm vulnerability presence. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting local access to systems running Frigate Professional 3.36.0.9 to trusted users only, as the exploit requires local access. Avoid using the 'Pack File' feature or pasting untrusted input into the 'Archive To' field until a patch or update is available. Monitoring and blocking suspicious activity related to this feature can help. Since the vulnerability involves a buffer overflow triggered by crafted input, applying any available software updates or patches from the vendor is recommended once released. If no patch is available, consider removing or disabling the vulnerable feature or application to prevent exploitation. [1, 3]