CVE-2020-37175
Awaiting Analysis Awaiting Analysis - Queue
BaseFortify

Publication date: 2026-02-11

Last updated on: 2026-02-12

Assigner: VulnCheck

Description
P2PWIFICAM2 for iOS 10.4.1 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the Camera ID input field. Attackers can paste a 257-character buffer into the Camera ID field to trigger an application crash on iOS devices.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-11
Last Modified
2026-02-12
Generated
2026-06-16
AI Q&A
2026-02-11
EPSS Evaluated
2026-06-15
NVD
CVE-2020-37175
EUVD
EUVD-2020-31059
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-120 The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': 'This vulnerability is a denial of service (DoS) issue in the P2PWIFICAM2 iOS application version 10.4.1. It occurs when an attacker inputs a specially crafted string of 257 characters into the Camera ID field (and also the Password field) while adding a new camera. This causes the application to crash immediately on iOS devices.'}, {'type': 'paragraph', 'content': "The root cause is improper input validation or buffer handling in the app's Camera ID and Password fields, which allows a buffer overflow or similar fault leading to the crash."}] [1]

Compliance Impact

I don't know

Impact Analysis

The impact of this vulnerability is a denial of service condition on the P2PWIFICAM2 iOS application. An attacker can cause the app to crash by pasting a long input string into the Camera ID and Password fields, making the app unusable until restarted.

This could disrupt the normal use of the app for managing network cameras, potentially causing inconvenience or loss of monitoring capability temporarily.

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by attempting to reproduce the denial of service condition on the P2PWIFICAM2 iOS application version 10.4.1. Specifically, by inputting a specially crafted string of 257 characters into the Camera ID and Password fields, you can observe if the application crashes.'}, {'type': 'list_item', 'content': 'Run a Python command to generate a 257-character buffer, for example: python3 -c "print(\'A\'*257)"'}, {'type': 'list_item', 'content': 'Copy the output to the clipboard.'}, {'type': 'list_item', 'content': 'Open the P2PWIFICAM2 app on an iOS device.'}, {'type': 'list_item', 'content': "Navigate to the 'Add' camera section and select 'Input Camera.'"}, {'type': 'list_item', 'content': "Paste the 257-character string into the 'Camera ID' field and also into the 'Password' field."}, {'type': 'list_item', 'content': "Press 'Ok' and observe if the app crashes, indicating the presence of the vulnerability."}] [1]

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2020-37175. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart