CVE-2020-37104
Awaiting Analysis Awaiting Analysis - Queue
Information Disclosure in ASTPP 4.0.1 via Predictable Backup Files

Publication date: 2026-02-11

Last updated on: 2026-02-20

Assigner: VulnCheck

Description
ASTPP 4.0.1 contains an information disclosure vulnerability that allows unauthenticated attackers to download database backup files by predicting backup filename patterns. Attackers can generate a list of 6-digit PIN combinations and fuzz the backup download URL to exfiltrate sensitive database information from the /database_backup/ directory.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-11
Last Modified
2026-02-20
Generated
2026-06-16
AI Q&A
2026-02-11
EPSS Evaluated
2026-06-15
NVD
CVE-2020-37104
EUVD
EUVD-2020-31179
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
inextrix astpp 4.0.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-538 The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

ASTPP version 4.0.1 contains an information disclosure vulnerability that allows unauthenticated attackers to download database backup files by predicting the backup filename patterns.

The backup files are saved in a directory with filenames that include a timestamp and a 6-digit numeric PIN representing the time, which is semi-predictable.

Attackers can generate a list of all possible 6-digit PIN combinations and use fuzzing tools to try these against the backup download URL to find valid backup filenames.

Once a valid filename is found, the attacker can download the database backup file without any authentication, leading to unauthorized access to sensitive database information.

Impact Analysis

This vulnerability allows attackers to exfiltrate sensitive database information without any authentication.

Since the database backup files can be downloaded by guessing filenames, confidential data stored in the database can be exposed to unauthorized parties.

This can lead to data breaches, loss of confidentiality, and potential misuse of sensitive information contained in the database backups.

Compliance Impact

I don't know

Detection Guidance

This vulnerability can be detected by fuzzing the backup download URL to identify valid database backup files with predictable filenames.

  • Generate a list of all 6-digit numeric PIN combinations (000000 to 999999) using a tool like crunch.
  • Use a web fuzzing tool such as wfuzz to iterate through the PIN list and request URLs of the form http://target/database_backup/astpp_YYYYMMDDFUZZ.sql.gz.
  • Check for HTTP 200 responses from the server, which indicate valid backup filenames.
  • Once a valid filename is identified, download the backup file using wget or a similar tool.
Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2020-37104. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart