CVE-2020-37139
Unknown Unknown - Not Provided
Buffer Overflow in Odin Secure FTP 7.6.3 Causes Local DoS

Publication date: 2026-02-05

Last updated on: 2026-02-05

Assigner: VulnCheck

Description
Odin Secure FTP Expert 7.6.3 contains a local denial of service vulnerability that allows attackers to crash the application by manipulating site information fields. Attackers can generate a buffer overflow by pasting 108 bytes of repeated characters into connection fields, causing the application to crash.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-05
Last Modified
2026-02-05
Generated
2026-06-16
AI Q&A
2026-02-05
EPSS Evaluated
2026-06-15
NVD
CVE-2020-37139
EUVD
EUVD-2020-31028
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
odin secure_ftp_expert 7.6.3
odin secure_ftp_expert to 7.6.3 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-770 The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2020-37139 is a local denial of service (DoS) vulnerability in Odin Secure FTP Expert version 7.6.3 and earlier. It occurs due to improper handling of site information fields, where an attacker can cause a buffer overflow by inputting 108 bytes of repeated characters into connection fields. This buffer overflow causes the application to crash.

The vulnerability requires local access and user interaction to exploit, and it does not require any special privileges.

Impact Analysis

This vulnerability can impact you by causing the Odin Secure FTP Expert application to crash, resulting in a denial of service condition. An attacker with local access can exploit this by inputting specially crafted data into the site information fields, disrupting normal use of the software.

The impact is limited to availability, as the application becomes unusable until restarted or fixed.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': "This vulnerability can be detected by attempting to reproduce the crash condition in the Odin Secure FTP Expert application. Specifically, by inputting a string of 108 repeated characters (such as 'A') into the connection fields of the Quickconnect site dialog, the application will crash if vulnerable."}, {'type': 'list_item', 'content': "Run a script or create a text file containing 108 repeated characters (e.g., 108 'A's)."}, {'type': 'list_item', 'content': 'Copy the content of this file to the clipboard.'}, {'type': 'list_item', 'content': 'Open OdinSecureFTPExpert.exe.'}, {'type': 'list_item', 'content': 'Navigate to Trial > Connect > Quickconnect site.'}, {'type': 'list_item', 'content': 'Paste the clipboard content into all input fields.'}, {'type': 'list_item', 'content': 'Attempt to connect and observe if the application crashes, indicating the presence of the vulnerability.'}] [2]

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2020-37139. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart