CVE-2020-37133

UltraVNC Launcher 1.2.4.0 - 'RepeaterHost' Denial of Service

CVSS 6.7 MEDIUMEPSS 0.5%CWE-121

UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in the Repeater Host configuration field that allows attackers to crash the application. Attackers can paste an overly long string of 300 characters into the Repeater Host property to trigger an application crash.

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected products

UltraVNC Team · UltraVNC Launcher

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.exploit-db.com/exploits/48288 https://www.uvnc.com/https://www.vulncheck.com/advisories/ultravnc-launcher-repeaterhost-denial-of-service