Skip to main content

DNS CVE-2020-37095

CRITICAL
Stack-based Buffer Overflow (CWE-121)
2026-02-07 disclosure@vulncheck.com
9.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
PoC Detected
Feb 09, 2026 - 16:08 vuln.today
Public exploit code
CVE Published
Feb 07, 2026 - 00:15 nvd
CRITICAL 9.8

DescriptionCVE.org

Cyberoam Authentication Client 2.1.2.7 contains a buffer overflow vulnerability that allows remote attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) memory. Attackers can craft a malicious input in the 'Cyberoam Server Address' field to trigger a bind TCP shell on port 1337 with system-level access.

AnalysisAI

Cyberoam Authentication Client 2.1.2.7 has a buffer overflow allowing remote attackers to execute code through the network authentication service.

Technical ContextAI

Cyberoam Authentication Client 2.1.2.7 has a CWE-121 stack buffer overflow in its network communication handler.

Affected ProductsAI

Cyberoam Authentication Client 2.1.2.7

RemediationAI

Update the client software.

More in DNS

View all
CVE-2026-24054 CRITICAL POC
10.0 Jan 29

Sandbox escape in Kata Containers allowing guest VM to access host resources. CVSS 10.0 — undermines the core security g

CVE-2019-25361 CRITICAL POC
9.8 Feb 18

Buffer overflow in Ayukov NFTP client 1.71 in SYST command handling allows remote FTP servers to execute arbitrary code

CVE-2019-25327 CRITICAL POC
9.8 Feb 12

Buffer overflow in Prime95 29.8 build 6 user ID field allows code execution. PoC available.

CVE-2019-25319 CRITICAL POC
9.8 Feb 12

Stack overflow in Domain Quester Pro 6.02 via SEH overwrite. PoC available.

CVE-2021-47774 CRITICAL POC
9.8 Jan 15

Kingdia CD Extractor 3.0.2 has a buffer overflow in the registration name field. PoC available.

CVE-2021-47785 CRITICAL POC
9.8 Jan 16

Ether MP3 CD Burner 1.3.8 has buffer overflow in registration enabling bind shell on port 3110 via SEH overwrite. PoC av

CVE-2019-25362 CRITICAL POC
9.8 Feb 18

Buffer overflow in WMV to AVI MPEG DVD Convertor 4.6.1217 allows code execution via crafted media files. PoC available.

CVE-2020-37119 CRITICAL POC
9.8 Feb 05

Stack-based buffer overflow in Nsauditor Network Auditing Tool 3.0.28 and 3.2.1.0 in the DNS Lookup tool allows attacker

CVE-2026-1678 CRITICAL POC
9.4 Mar 05

Buffer overflow in Zephyr RTOS dns_unpack_name() function causing OOB writes. PoC available.

CVE-2026-2186 HIGH POC
8.8 Feb 08

Stack-based buffer overflow in Tenda RX3 firmware 16.03.13.11 allows authenticated remote attackers to achieve full syst

CVE-2026-3379 HIGH POC
8.8 Mar 01

Remote code execution in Tenda F453 1.0.0.3 DNS firmware via a buffer overflow in the /goform/SetIpBind endpoint allows

CVE-2019-25318 HIGH POC
8.8 Feb 12

AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by

Share

CVE-2020-37095 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy