CVE-2020-37001
Unknown Unknown - Not Provided
Buffer Overflow in Frigate Pack File Enables Remote Code Execution

Publication date: 2026-01-29

Last updated on: 2026-01-29

Assigner: VulnCheck

Description
Frigate Professional 3.36.0.9 contains a local buffer overflow vulnerability in the Pack File feature that allows attackers to execute arbitrary code by overflowing the 'Archive To' input field. Attackers can craft a malicious payload that overwrites the Structured Exception Handler (SEH) and uses an egghunter technique to execute a reverse shell payload.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-29
Last Modified
2026-01-29
Generated
2026-06-16
AI Q&A
2026-01-29
EPSS Evaluated
2026-06-14
NVD
CVE-2020-37001
EUVD
EUVD-2020-30912
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
unknown_vendor frigate_professional 3.36.0.9
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a local buffer overflow in Frigate Professional version 3.36.0.9, specifically in the 'Pack File' feature's 'Archive To' input field. An attacker with local access can craft a malicious input that overflows the buffer and overwrites the Structured Exception Handler (SEH). Using an egghunter technique, the attacker can execute arbitrary code, such as a reverse shell payload, on the affected system. [1, 3]

Impact Analysis

If exploited, this vulnerability allows an attacker with local access to execute arbitrary code on your system. This can lead to unauthorized control over the affected machine, including running a reverse shell, which could be used to further compromise your system or network. [1, 3]

Detection Guidance

This vulnerability can be detected by checking if the system is running Frigate Professional version 3.36.0.9 and if the 'Pack File' feature is accessible. Since the exploit involves pasting a specially crafted payload into the 'Archive To' input field in the File -> Pack menu of Frigate3.exe, detection can involve monitoring for unusual or large inputs in this field or attempts to trigger the buffer overflow. There are no specific network commands provided for detection as the exploit is local. However, you can verify the presence of the vulnerable application version and monitor clipboard or input activity related to the 'Pack File' feature. Additionally, running the provided proof-of-concept Python script (from Resource 1) in a controlled environment can help confirm vulnerability presence. [1]

Mitigation Strategies

Immediate mitigation steps include restricting local access to systems running Frigate Professional 3.36.0.9 to trusted users only, as the exploit requires local access. Avoid using the 'Pack File' feature or pasting untrusted input into the 'Archive To' field until a patch or update is available. Monitoring and blocking suspicious activity related to this feature can help. Since the vulnerability involves a buffer overflow triggered by crafted input, applying any available software updates or patches from the vendor is recommended once released. If no patch is available, consider removing or disabling the vulnerable feature or application to prevent exploitation. [1, 3]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2020-37001. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart