CVE-2020-37068
CRITICAL
2026-02-03
[email protected]
9.8
CVSS 3.1
Share
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Lifecycle Timeline
3
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
PoC Detected
Feb 25, 2026 - 19:00 vuln.today
Public exploit code
CVE Published
Feb 03, 2026 - 22:16 nvd
CRITICAL 9.8
Description
Konica Minolta FTP Utility 1.0 contains a buffer overflow vulnerability in the LIST command that allows attackers to overwrite system registers. Attackers can send an oversized buffer of 1500 'A' characters to crash the FTP server and potentially execute unauthorized code.
Analysis
Konica Minolta FTP Utility 1.0 has a buffer overflow in the LIST command allowing remote attackers to execute code on systems running the utility.
Technical Context
The LIST command handler in Konica Minolta FTP Utility 1.0 has a CWE-120 buffer overflow when processing directory listings with oversized filenames or paths.
Affected Products
['Konica Minolta FTP Utility 1.0']
Remediation
Update or replace the utility.
Priority Score
69
Low
Medium
High
Critical
KEV: 0
EPSS: +0.1
CVSS: +49
POC: +20
Share
External POC / Exploit Code
Leaving vuln.today
Destination URL
POC code from unknown sources may be malicious, contain backdoors, or be fake.
Always review and test exploit code in a safe, isolated environment (VM/sandbox).
Verify the source reputation and cross-reference with known databases (Exploit-DB, GitHub Security).