CVE-2020-37038

HIGH

Code Blocks 20.03 - Denial of Service via FSymbols Search Field

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-37038. PoCs published by Paras Bhatia.

AI-analyzed exploit summary: This exploit generates a 5000-byte buffer of 'A' characters to trigger a Denial of Service (DoS) in Code Blocks 20.03 by pasting the payload into the 'Search' field of the 'FSymbols' tab. The crash occurs due to improper handling of the input buffer.

Description

Code Blocks 20.03 contains a denial of service vulnerability that allows attackers to crash the application by manipulating input in the FSymbols search field. Attackers can paste a large payload of 5000 repeated characters into the search field to trigger an application crash.

Exploits (1)

exploitdb WORKING POC
by Paras Bhatia · python · dos · windows
https://www.exploit-db.com/exploits/48617

Classification: Working PoC 90%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: Code Blocks 20.03
No auth needed
Prerequisites: Code Blocks 20.03 installed on Windows 7 Ultimate Service Pack 1 (32 bit - English) · Python to generate the payload file
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Exploit, Third Party Advisory (exploit): https://www.exploit-db.com/exploits/48617
Various Sources (product): http://www.codeblocks.org/
Third Party Advisory (third-party-advisory): https://www.vulncheck.com/advisories/code-blocks-denial-of-service

Scores

CVSS v3: 7.5
EPSS: 0.0037
EPSS Percentile: 28.9%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: yes
Technical Impact: partial

Details

CWE: CWE-770
Status: published
Published: Jan 30, 2026
Tracked Since: Feb 18, 2026