CVE-2020-37179
Awaiting Analysis Awaiting Analysis - Queue
Denial of Service via Input Overflow in APKF Product Key Finder

Publication date: 2026-02-11

Last updated on: 2026-02-12

Assigner: VulnCheck

Description
APKF Product Key Finder 2.5.8.0 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character payload and paste it into the registration name field to trigger an application crash.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-11
Last Modified
2026-02-12
Generated
2026-06-16
AI Q&A
2026-02-11
EPSS Evaluated
2026-06-15
NVD
CVE-2020-37179
EUVD
EUVD-2020-31207
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
apkf product_key_finder to 2.5.8.0 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-120 The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': "APKF Product Key Finder version 2.5.8.0 contains a denial of service (DoS) vulnerability caused by a buffer overflow in the 'Name' input field during the registration process."}, {'type': 'paragraph', 'content': 'An attacker can input a payload of about 1000 characters into this field, which the application does not properly handle, leading to a crash.'}, {'type': 'paragraph', 'content': 'This vulnerability is classified under CWE-120, indicating a classic buffer overflow due to copying data without checking input size.'}] [1, 2]

Impact Analysis

This vulnerability can cause the APKF Product Key Finder application to crash when a specially crafted input is entered into the registration name field.

The impact is a denial of service condition, meaning legitimate users may be unable to use the application until it is restarted or fixed.

The CVSS v3.1 score of 7.5 indicates a high severity impact on availability, but no impact on confidentiality or integrity.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by attempting to reproduce the denial of service condition locally on the system running APKF Product Key Finder 2.5.8.0.'}, {'type': 'paragraph', 'content': 'A proof-of-concept involves generating a payload of 1000 characters (e.g., 1000 "A" characters) and pasting it into the \'Name\' input field during the software\'s registration process.'}, {'type': 'paragraph', 'content': 'For example, you can use a Python script to create the payload and save it to a file:'}, {'type': 'list_item', 'content': 'python -c "print(\'A\'*1000)" > poc.txt'}, {'type': 'paragraph', 'content': "Then, open APKF Product Key Finder, navigate to Register -> Enter Registration Code, and paste the contents of poc.txt into the 'Name' field. If the application crashes, the vulnerability is present."}] [1]

Mitigation Strategies

[{'type': 'paragraph', 'content': "Immediate mitigation steps include avoiding pasting or entering excessively long strings (around 1000 characters) into the 'Name' input field of APKF Product Key Finder 2.5.8.0."}, {'type': 'paragraph', 'content': 'Since the vulnerability is triggered by local user input, restricting access to the application to trusted users and environments can reduce risk.'}, {'type': 'paragraph', 'content': 'Additionally, monitor for updates or patches from the vendor that address this buffer overflow issue and apply them as soon as they become available.'}] [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2020-37179. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart