Vulnerabilities ›

CVE-2020-37209

High ⚡ Exploit Available

SpotFTP 3.0.0.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload a

CWE-120 — Weakness Type

                    Published: Feb 11, 2026                      ·  Modified: Feb 28, 2026                      ·  Source: NVD                

CVSS v3

7.5

🔗 NVD Official

📄 Description (English)

🤖 AI Executive Summary

SpotFTP 3.0.0.0 contains a buffer overflow vulnerability in the registration name input field that enables unauthenticated denial of service attacks. An attacker can crash the application by submitting a 1000-character payload, disrupting file transfer operations. With exploit code publicly available and affecting legacy FTP infrastructure, immediate patching is critical for organizations still relying on SpotFTP.

📄 Description (Arabic)

🤖 AI Intelligence Analysis Analyzed: May 1, 2026 04:33

🇸🇦 Saudi Arabia Impact Assessment

Saudi organizations using SpotFTP for legacy file transfer operations face service disruption risks, particularly in: Government agencies (NCA, CITC) managing document workflows; Banking sector (SAMA-regulated institutions) for secure file exchanges; Energy sector (ARAMCO, utilities) for operational data transfer; Healthcare facilities managing patient records; Telecommunications providers (STC, Mobily) for internal file management. The vulnerability enables remote DoS attacks without authentication, potentially disrupting critical business processes and compliance-dependent operations.

🏢 Affected Saudi Sectors

Government Banking Healthcare Energy Telecommunications Education

🎯 MITRE ATT&CK Techniques

T1499 - Endpoint Denial of Service T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

⚖️ Saudi Risk Score (AI)

7.2

/ 10.0

🔧 Remediation Steps (English)

IMMEDIATE ACTIONS:

1. Identify all SpotFTP 3.0.0.0 installations across the organization using network scanning and asset inventory tools

2. Implement network-level access controls restricting FTP traffic to authorized internal networks only

3. Disable SpotFTP services if not actively required; migrate to modern SFTP/FTPS alternatives

4. Monitor FTP ports (21, 990) for suspicious connection attempts and oversized payloads



PATCHING:

1. Upgrade SpotFTP to version 3.0.0.1 or later immediately

2. Verify patch installation and restart FTP services

3. Test file transfer functionality post-patching



COMPENSATING CONTROLS (if upgrade delayed):

1. Deploy WAF/IDS rules to detect and block payloads exceeding 256 characters in FTP NAME field

2. Implement rate limiting on FTP registration attempts

3. Isolate SpotFTP servers on segmented networks with strict ingress filtering

4. Enable detailed FTP logging and configure alerts for connection failures



DETECTION:

1. Monitor FTP logs for NAME field entries exceeding 1000 characters

2. Alert on repeated FTP connection failures or application crashes

3. Track FTP service restarts and unexpected terminations

🔧 خطوات المعالجة (العربية)

الإجراءات الفورية:

1. تحديد جميع تثبيتات SpotFTP 3.0.0.0 عبر المنظمة باستخدام أدوات المسح والجرد

2. تطبيق ضوابط الوصول على مستوى الشبكة لتقييد حركة FTP للشبكات الداخلية المصرح بها فقط

3. تعطيل خدمات SpotFTP إذا لم تكن مطلوبة بنشاط؛ الهجرة إلى بدائل SFTP/FTPS الحديثة

4. مراقبة منافذ FTP (21، 990) للاتصالات المريبة والحمولات الكبيرة

التصحيح:

1. ترقية SpotFTP إلى الإصدار 3.0.0.1 أو أحدث فوراً

2. التحقق من تثبيت التصحيح وإعادة تشغيل خدمات FTP

3. اختبار وظيفة نقل الملفات بعد التصحيح

الضوابط البديلة (إذا تأخر الترقية):

1. نشر قواعس WAF/IDS للكشف عن حمولات تتجاوز 256 حرفاً في حقل FTP NAME

2. تطبيق تحديد معدل محاولات تسجيل FTP

3. عزل خوادم SpotFTP على شبكات مقسمة مع تصفية الدخول الصارمة

4. تفعيل تسجيل FTP التفصيلي وتكوين التنبيهات لفشل الاتصال

الكشف:

1. مراقبة سجلات FTP لإدخالات حقل NAME تتجاوز 1000 حرف

2. التنبيه على فشل اتصال FTP المتكرر أو أعطال التطبيق

3. تتبع إعادة تشغيل خدمة FTP والإنهاء غير المتوقع

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

A.12.6.1 - Management of technical vulnerabilities A.14.2.1 - Secure development policy A.12.2.1 - Monitoring of system use

🔵 SAMA CSF

ID.RA-1 - Asset management and vulnerability identification PR.IP-12 - Software development and acquisition controls DE.CM-1 - Detection and monitoring of anomalous activity

🟡 ISO 27001:2022

A.12.6.1 - Management of technical vulnerabilities A.14.2.5 - Secure development environment A.12.4.1 - Event logging

🟣 PCI DSS v4.0.1

6.2 - Security patches and updates 11.2 - Vulnerability scanning

🔗 References & Sources 3

🔗

http://www.nsauditor.com/

disclosure@vulncheck.com

Product

🔗

https://www.exploit-db.com/exploits/47868

disclosure@vulncheck.com

Exploit Third Party Advisory VDB Entry

🔗

https://www.vulncheck.com/advisories/spotftp-ftp-password-recovery-name-denial-of-service

disclosure@vulncheck.com

Third Party Advisory

📦 Affected Products / CPE 1 entries

nsasoft:spotftp:3.0.0.0

📊 CVSS Score

7.5

/ 10.0 — High

📊 CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack VectorN — None / Network

Attack ComplexityL — Low / Local

Privileges RequiredN — None / Network

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityH — High

IntegrityN — None / Network

AvailabilityN — None / Network

📋 Quick Facts

Severity High

CVSS Score7.5

CWECWE-120

EPSS0.03%

Exploit ✓ Yes

Patch ✓ Yes

Published 2026-02-11

Source Feed nvd

🇸🇦 Saudi Risk Score

7.2

/ 10.0 — Saudi Risk

Priority: HIGH

🏷️ Tags

exploit-available CWE-120

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

💬 Comments

Loading comments

CVE-2020-37209

💬 Comments

Introduce Yourself

Sign In Required