CVE-2020-37175
Awaiting Analysis Awaiting Analysis - Queue

BaseFortify

Vulnerability report for CVE-2020-37175, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-02-11

Last updated on: 2026-02-12

Assigner: VulnCheck

Description

P2PWIFICAM2 for iOS 10.4.1 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the Camera ID input field. Attackers can paste a 257-character buffer into the Camera ID field to trigger an application crash on iOS devices.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-02-11
Last Modified
2026-02-12
Generated
2026-07-06
AI Q&A
2026-02-11
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Currently, no data is known.

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-120 The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': 'This vulnerability is a denial of service (DoS) issue in the P2PWIFICAM2 iOS application version 10.4.1. It occurs when an attacker inputs a specially crafted string of 257 characters into the Camera ID field (and also the Password field) while adding a new camera. This causes the application to crash immediately on iOS devices.'}, {'type': 'paragraph', 'content': "The root cause is improper input validation or buffer handling in the app's Camera ID and Password fields, which allows a buffer overflow or similar fault leading to the crash."}] [1]

Impact Analysis

The impact of this vulnerability is a denial of service condition on the P2PWIFICAM2 iOS application. An attacker can cause the app to crash by pasting a long input string into the Camera ID and Password fields, making the app unusable until restarted.

This could disrupt the normal use of the app for managing network cameras, potentially causing inconvenience or loss of monitoring capability temporarily.

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by attempting to reproduce the denial of service condition on the P2PWIFICAM2 iOS application version 10.4.1. Specifically, by inputting a specially crafted string of 257 characters into the Camera ID and Password fields, you can observe if the application crashes.'}, {'type': 'list_item', 'content': 'Run a Python command to generate a 257-character buffer, for example: python3 -c "print(\'A\'*257)"'}, {'type': 'list_item', 'content': 'Copy the output to the clipboard.'}, {'type': 'list_item', 'content': 'Open the P2PWIFICAM2 app on an iOS device.'}, {'type': 'list_item', 'content': "Navigate to the 'Add' camera section and select 'Input Camera.'"}, {'type': 'list_item', 'content': "Paste the 257-character string into the 'Camera ID' field and also into the 'Password' field."}, {'type': 'list_item', 'content': "Press 'Ok' and observe if the app crashes, indicating the presence of the vulnerability."}] [1]

Mitigation Strategies

I don't know

Compliance Impact

I don't know

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2020-37175. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart