Vulnerabilities ›

CVE-2020-37155

High

CWE-120 — Weakness Type

                    Published: Feb 7, 2026                      ·  Modified: Feb 28, 2026                      ·  Source: NVD                

CVSS v3

7.5

🔗 NVD Official

📄 Description (English)

Core FTP Lite 1.3 contains a buffer overflow vulnerability in the username input field that allows attackers to crash the application by supplying oversized input. Attackers can generate a 7000-byte payload of repeated 'A' characters to trigger an application crash without requiring additional interaction.

🤖 AI Executive Summary

CVE-2020-37155 is a buffer overflow vulnerability in Core FTP Lite 1.3 affecting the username input field, allowing unauthenticated attackers to crash the application via oversized input. While currently lacking public exploits, the vulnerability poses a denial-of-service risk to organizations relying on Core FTP Lite for file transfer operations. Immediate patching is recommended given the high CVSS score of 7.5 and the simplicity of exploitation.

📄 Description (Arabic)

🤖 AI Intelligence Analysis Analyzed: Apr 30, 2026 10:37

🇸🇦 Saudi Arabia Impact Assessment

Saudi organizations in banking, government, and energy sectors that utilize Core FTP Lite for secure file transfers face operational disruption risks. ARAMCO, SAMA-regulated financial institutions, and government agencies (NCA, NCSC) managing critical infrastructure communications are particularly vulnerable. Telecom operators (STC, Mobily) and healthcare providers using legacy FTP solutions for data exchange could experience service interruptions affecting business continuity and regulatory compliance.

🏢 Affected Saudi Sectors

Banking and Financial Services Government and Public Administration Energy and Utilities Telecommunications Healthcare Critical Infrastructure

🎯 MITRE ATT&CK Techniques

T1499 - Endpoint Denial of Service T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

⚖️ Saudi Risk Score (AI)

7.2

/ 10.0

🔧 Remediation Steps (English)

1. IMMEDIATE ACTIONS:

   - Identify all instances of Core FTP Lite 1.3 in your environment using network scanning and asset inventory tools

   - Restrict network access to FTP services using firewall rules (limit to trusted IP ranges)

   - Implement input validation at network perimeter to reject oversized username fields

   - Monitor FTP logs for repeated connection attempts with abnormal payload sizes



2. PATCHING GUIDANCE:

   - Upgrade Core FTP Lite to version 1.4 or later immediately

   - Test patches in non-production environments before deployment

   - Schedule patching during maintenance windows to minimize business impact



3. COMPENSATING CONTROLS (if immediate patching unavailable):

   - Deploy Web Application Firewall (WAF) rules to detect and block payloads exceeding normal username length (>256 bytes)

   - Implement rate limiting on FTP authentication attempts

   - Use network segmentation to isolate FTP servers from untrusted networks



4. DETECTION RULES:

   - Alert on FTP connections with username fields exceeding 1000 bytes

   - Monitor for repeated failed FTP authentication attempts from single source

   - Log and alert on application crashes correlated with FTP service restarts

🔧 خطوات المعالجة (العربية)

1. الإجراءات الفورية:

   - تحديد جميع نسخ Core FTP Lite 1.3 في بيئتك باستخدام أدوات المسح والجرد

   - تقييد الوصول إلى خدمات FTP باستخدام قواعد جدار الحماية (تحديد النطاقات الموثوقة)

   - تطبيق التحقق من صحة الإدخال على محيط الشبكة لرفض حقول اسم المستخدم الكبيرة

   - مراقبة سجلات FTP للكشف عن محاولات الاتصال المتكررة برحولات غير عادية



2. إرشادات التصحيح:

   - ترقية Core FTP Lite إلى الإصدار 1.4 أو أحدث فوراً

   - اختبار التصحيحات في بيئات غير الإنتاج قبل النشر

   - جدولة التصحيحات خلال نوافذ الصيانة لتقليل التأثير على العمل



3. الضوابط البديلة (إذا تعذر التصحيح الفوري):

   - نشر قواعد جدار تطبيقات الويب للكشف عن الحمولات التي تتجاوز طول اسم المستخدم الطبيعي

   - تطبيق تحديد معدل محاولات المصادقة على FTP

   - استخدام تقسيم الشبكة لعزل خوادم FTP عن الشبكات غير الموثوقة



4. قواعد الكشف:

   - تنبيهات على اتصالات FTP بحقول اسم مستخدم تتجاوز 1000 بايت

   - مراقبة محاولات المصادقة الفاشلة المتكررة من مصدر واحد

   - تسجيل والتنبيه عن أعطال التطبيق المرتبطة بإعادة تشغيل خدمة FTP

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

ECC 2024 A.12.6.1 - Management of technical vulnerabilities ECC 2024 A.14.2.1 - Secure development policy ECC 2024 A.12.2.1 - Monitoring of system use

🔵 SAMA CSF

ID.RA-1 - Asset management and vulnerability identification PR.IP-12 - System and information integrity DE.CM-8 - Vulnerability scans

🟡 ISO 27001:2022

A.12.2.1 - Monitoring of system use A.12.6.1 - Management of technical vulnerabilities A.14.2.1 - Secure development policy

🟣 PCI DSS v4.0.1

Requirement 6.2 - Security patches and updates Requirement 11.2 - Vulnerability scanning

🔗 References & Sources 3

🔗

http://www.coreftp.com/

disclosure@vulncheck.com

🔗

https://www.exploit-db.com/exploits/48100

disclosure@vulncheck.com

🔗

https://www.vulncheck.com/advisories/core-ftp-lite-denial-of-service-poc

disclosure@vulncheck.com

📊 CVSS Score

7.5

/ 10.0 — High

📊 CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack VectorN — None / Network

Attack ComplexityL — Low / Local

Privileges RequiredN — None / Network

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityN — None / Network

IntegrityN — None / Network

AvailabilityH — High

📋 Quick Facts

Severity High

CVSS Score7.5

CWECWE-120

EPSS0.01%

Exploit No

Patch ✓ Yes

Published 2026-02-07

Source Feed nvd

🇸🇦 Saudi Risk Score

7.2

/ 10.0 — Saudi Risk

Priority: HIGH

🏷️ Tags

CWE-120

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

💬 Comments

Loading comments

CVE-2020-37155

💬 Comments

Introduce Yourself

Sign In Required