CVE-2020-37075
Buffer Overflow in LanSend 3.2 Add Computers Wizard Enables RCE
Publication date: 2026-02-03
Last updated on: 2026-02-03
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| unknown_vendor | lansend | 3.2 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know
Can you explain this vulnerability to me?
LanSend 3.2 contains a buffer overflow vulnerability in the Add Computers Wizard file import functionality. This vulnerability allows remote attackers to execute arbitrary code by crafting a malicious payload file. When the file is imported, the attacker can trigger a structured exception handler (SEH) overwrite, which enables the execution of shellcode.
How can this vulnerability impact me? :
This vulnerability can have severe impacts as it allows remote attackers to execute arbitrary code on the affected system. This means an attacker could potentially take full control of the system, leading to unauthorized access, data theft, system manipulation, or disruption of services.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know