CVE-2020-37121

MEDIUM

CODE::BLOCKS 16.01 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-37121. PoCs published by T3jv1l.

AI-analyzed exploit summary: This exploit demonstrates a buffer overflow vulnerability in Code Blocks 16.01 via a crafted .m3u file, leveraging SEH overwrite with Unicode alignment. The PoC includes a placeholder for shellcode but currently uses a breakpoint instruction (\xcc).

Description

CODE::BLOCKS 16.01 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler (SEH) with crafted Unicode characters. Attackers can create a malicious M3U playlist file with 536 bytes of buffer and shellcode to trigger remote code execution.

Exploits (1)

exploitdb WORKING POC
by T3jv1l · python · local · windows
https://www.exploit-db.com/exploits/48344

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Moderate
Reliability: Theoretical
Target: Code Blocks 16.01
No auth needed
Prerequisites: Victim must open the malicious .m3u file in Code Blocks 16.01
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/48344
Various Sources product
https://www.codeblocks.org/

Scores

CVSS v3 5.5
EPSS 0.0021
EPSS Percentile 10.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE CWE-121
Status published
Products (1)
Code::Blocks/Code::Blocks 16.01
Published Feb 05, 2026
Tracked Since Feb 18, 2026