TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy address configuration that allows local attackers to crash the application. Attackers can overwrite the address field with 3000 bytes of arbitrary data to trigger an application crash and prevent normal program functionality.
PUBLISHED5.2CWE-120
TapinRadio 2.12.3 - 'address' Denial of Service
Problem type
Affected products
Raimersoft
TapinRadio
2.12.3 - AFFECTED
References
ExploitDB-48011
https://www.exploit-db.com/exploits/48011
TapinRadio Product Webpage
https://www.raimersoft.com/php/tapinradio.php
VulnCheck Advisory: TapinRadio 2.12.3 - 'address' Denial of Service
https://www.vulncheck.com/advisories/tapinradio-address-denial-of-service
GitHub Security Advisories
GHSA-6jgj-p235-wgg8
TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy address...
https://github.com/advisories/GHSA-6jgj-p235-wgg8TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy address configuration that allows local attackers to crash the application. Attackers can overwrite the address field with 3000 bytes of arbitrary data to trigger an application crash and prevent normal program functionality.
nvd.nist.gov
https://nvd.nist.gov/vuln/detail/CVE-2020-37170
exploit-db.com
https://www.exploit-db.com/exploits/48011
raimersoft.com
https://www.raimersoft.com/php/tapinradio.php
vulncheck.com
https://www.vulncheck.com/advisories/tapinradio-address-denial-of-service
github.com
https://github.com/advisories/GHSA-6jgj-p235-wgg8
JSON source
https://cveawg.mitre.org/api/cve/CVE-2020-37170Click to expand
{
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"cveMetadata": {
"cveId": "CVE-2020-37170",
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"dateUpdated": "2026-02-06T23:14:13.354Z",
"dateReserved": "2026-02-06T12:30:55.920Z",
"datePublished": "2026-02-06T23:14:13.354Z",
"state": "PUBLISHED"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck",
"dateUpdated": "2026-02-06T23:14:13.354Z"
},
"datePublic": "2020-02-05T00:00:00.000Z",
"title": "TapinRadio 2.12.3 - 'address' Denial of Service",
"descriptions": [
{
"lang": "en",
"value": "TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy address configuration that allows local attackers to crash the application. Attackers can overwrite the address field with 3000 bytes of arbitrary data to trigger an application crash and prevent normal program functionality."
}
],
"affected": [
{
"vendor": "Raimersoft",
"product": "TapinRadio",
"versions": [
{
"version": "2.12.3",
"status": "affected"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en",
"description": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')",
"cweId": "CWE-120",
"type": "CWE"
}
]
}
],
"references": [
{
"url": "https://www.exploit-db.com/exploits/48011",
"name": "ExploitDB-48011",
"tags": [
"exploit"
]
},
{
"url": "https://www.raimersoft.com/php/tapinradio.php",
"name": "TapinRadio Product Webpage",
"tags": [
"product"
]
},
{
"url": "https://www.vulncheck.com/advisories/tapinradio-address-denial-of-service",
"name": "VulnCheck Advisory: TapinRadio 2.12.3 - 'address' Denial of Service",
"tags": [
"third-party-advisory"
]
}
],
"metrics": [
{
"format": "CVSS"
},
{
"format": "CVSS",
"cvssV3_1": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM"
}
}
],
"credits": [
{
"lang": "en",
"value": "chuyreds",
"type": "finder"
}
]
}
}
}