CVE-2020-37182
Stack Overflow in Redir 3.3 doproxyconnect() Causes Crash
Publication date: 2026-02-11
Last updated on: 2026-02-12
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| troglobit | redir | to 3.3 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2020-37182 is a stack-based buffer overflow vulnerability found in Redir version 3.3, specifically in the doproxyconnect() function.
The vulnerability occurs because the function uses sprintf() to write data into a fixed-size buffer without proper length checking, allowing an attacker to send oversized input that overflows the buffer.
This overflow can overwrite memory on the stack, leading to a segmentation fault and causing the application to crash.
Essentially, an attacker can cause a denial of service by crashing the Redir application through sending specially crafted input.
How can this vulnerability impact me? :
This vulnerability can be exploited by attackers to cause a denial of service (DoS) condition by crashing the Redir application.
Since Redir is a TCP port redirector, crashing it can disrupt network traffic redirection services, potentially causing service outages or interruptions.
The CVSS v4.0 base score of 8.7 indicates a high severity impact with no required privileges or user interaction for exploitation.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'This vulnerability can be detected by testing the Redir 3.3 application for crashes caused by sending oversized input to the doproxyconnect() function. One practical approach is to run Redir under a debugger such as gdb and supply a very long string as the connect_str parameter to trigger the buffer overflow.'}, {'type': 'paragraph', 'content': "An example command to reproduce the crash is to run Redir with a long string of 'A' characters as the CONNECT string parameter, which causes a segmentation fault due to buffer overflow."}, {'type': 'paragraph', 'content': 'While no specific detection commands are provided, the following general approach can be used:'}, {'type': 'list_item', 'content': 'Run Redir under gdb: `gdb --args redir [options]`'}, {'type': 'list_item', 'content': "Set the connect_str parameter to a very long string (e.g., a string of 'A's) to test for overflow."}, {'type': 'list_item', 'content': 'Observe if the program crashes with a segmentation fault (SIGSEGV), indicating the vulnerability is present.'}] [3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include stopping the use of Redir version 3.3 or earlier until a patched version is available, as the vulnerability allows attackers to crash the application remotely.
Since the vulnerability is caused by unsafe use of sprintf() without length checking, upgrading to a version of Redir where this issue is fixed or applying patches to the source code to add proper bounds checking is recommended.
Additionally, restricting access to the Redir service using firewall rules or TCP wrappers can reduce exposure to potential attackers.
- Stop or disable Redir 3.3 instances until patched.
- Apply patches or upgrade to a fixed version of Redir.
- Use access control mechanisms such as TCP wrappers or firewall rules to limit connections to Redir.