CVE-2020-13768

CRITICAL

MiniShare < 1.4.2 - Stack-Based Buffer Overflow via HTTP PUT Request

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-13768. PoCs published by TheMalwareGuardian.

AI-analyzed exploit summary: This repository contains a functional exploit for CVE-2020-13768, a stack-based buffer overflow in MiniShare 1.4.1. The exploit includes Python scripts for fuzzing, offset discovery, and shellcode execution, demonstrating remote code execution via an HTTP PUT request.

Description

In MiniShare before 1.4.2, there is a stack-based buffer overflow via an HTTP PUT request, which allows an attacker to achieve arbitrary code execution, a similar issue to CVE-2018-19861, CVE-2018-19862, and CVE-2019-17601. NOTE: this product is discontinued.

Exploits (1)

nomisec WORKING POC
by TheMalwareGuardian · poc
https://github.com/TheMalwareGuardian/CVE-2020-13768

Classification
Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: MiniShare 1.4.1
No auth needed
Prerequisites: Network access to MiniShare server · Python 3 environment
devstral-2 · analyzed Mar 24, 2026

Scores

CVSS v3 9.8
EPSS 0.0209
EPSS Percentile 79.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-787
Status: published
Products (1): minishare_project/minishare < 1.4.2
Published: Jun 04, 2020
Tracked Since: Feb 18, 2026