CVE-2020-37177
SEH Overwrite Denial of Service in BOOTP Turbo
Publication date: 2026-02-11
Last updated on: 2026-02-12
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| weird_solutions | bootp_turbo | to 2.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2020-37177 is a denial of service vulnerability in BOOTP Turbo version 2.0 and earlier. It is caused by a stack-based buffer overflow that allows attackers to overwrite the Structured Exception Handler (SEH) chain. By crafting a malicious payload of 2,196 bytes with specific byte patterns, an attacker can corrupt the SEH chain and cause the application to crash.
How can this vulnerability impact me? :
This vulnerability can impact you by causing the BOOTP Turbo application to crash, resulting in a denial of service. The crash occurs because the attacker overwrites the SEH chain, which disrupts the normal exception handling process. This leads to application unavailability and potential disruption of services relying on this software.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'This vulnerability can be detected by attempting to reproduce the crash condition on the BOOTP Turbo 2.0 application. Specifically, the vulnerability is triggered by inputting a specially crafted payload into the application\'s "Log File" text box within the Settings menu after enabling detailed logging.'}, {'type': 'paragraph', 'content': "A proof-of-concept exploit involves creating a buffer overflow payload consisting of 2196 'A' characters, followed by 4 'B' characters (nSEH), 4 'C' characters (SEH), and padding with 'D' characters to reach a total length of 3000 bytes. When this payload is pasted into the log file input and confirmed, it causes the application to crash due to Structured Exception Handler (SEH) chain corruption."}, {'type': 'paragraph', 'content': 'While no specific network commands are provided, detection involves monitoring the application for crashes related to SEH chain corruption after such input. Using the provided proof-of-concept Python script to generate the malicious payload file "crash.txt" and applying it as described can help confirm the presence of the vulnerability.'}] [2]
What immediate steps should I take to mitigate this vulnerability?
[{'type': 'paragraph', 'content': 'Immediate mitigation steps include avoiding the use of the vulnerable input vector, specifically refraining from pasting or loading untrusted or malformed data into the "Log File" text box within the BOOTP Turbo 2.0 application.'}, {'type': 'paragraph', 'content': 'Since the vulnerability requires local user interaction to trigger the crash, restricting access to the application and limiting user permissions can reduce the risk of exploitation.'}, {'type': 'paragraph', 'content': 'Additionally, monitoring for application crashes and applying any available patches or updates from the vendor (Weird Solutions) when released is recommended.'}] [1, 2]