CVE-2020-37025

HIGH

Port Forwarding Wizard 4.8.0 - Local Buffer Overflow via Register Feature

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-37025. PoCs published by Sarang Tumne.

AI-analyzed exploit summary This exploit leverages a buffer overflow vulnerability in Port Forwarding Wizard 4.8.0 via a long request in the Register feature, using an EggHunter and shellcode to achieve arbitrary code execution. The SEH (Structured Exception Handler) is overwritten to redirect execution flow.

Description

Port Forwarding Wizard 4.8.0 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code through a long request in the Register feature. Attackers can craft a malicious payload with an egg tag and overwrite SEH handlers to potentially execute shellcode on vulnerable Windows systems.

Exploits (1)

exploitdb WORKING POC
by Sarang Tumne · pythonlocalwindows
https://www.exploit-db.com/exploits/48695

This exploit leverages a buffer overflow vulnerability in Port Forwarding Wizard 4.8.0 via a long request in the Register feature, using an EggHunter and shellcode to achieve arbitrary code execution. The SEH (Structured Exception Handler) is overwritten to redirect execution flow.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Port Forwarding Wizard 4.8.0 and earlier
No auth needed
Prerequisites: Local access to the target system · Port Forwarding Wizard 4.8.0 or earlier installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/48695
Various Sources product
http://www.port-forwarding.net/

Scores

CVSS v3 8.4
EPSS 0.0016
EPSS Percentile 5.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-120
Status published
Published Jan 30, 2026
Tracked Since Feb 18, 2026