CVE-2020-37124

CRITICAL

B64dec 1.1.2 - Stack-based Buffer Overflow via Crafted Base64 Input

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-37124. PoCs published by Andy Bowden.

AI-analyzed exploit summary This exploit leverages a buffer overflow vulnerability in B64dec 1.1.2 via an SEH overflow combined with an egg hunter technique to execute arbitrary code (calc.exe). The payload is generated using msfvenom with shikata_ga_nai encoding.

Description

B64dec 1.1.2 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) with crafted input. Attackers can leverage an egg hunter technique and carefully constructed payload to inject and execute malicious code during base64 decoding process.

Exploits (1)

exploitdb WORKING POC
by Andy Bowden · pythonlocalwindows
https://www.exploit-db.com/exploits/48317

This exploit leverages a buffer overflow vulnerability in B64dec 1.1.2 via an SEH overflow combined with an egg hunter technique to execute arbitrary code (calc.exe). The payload is generated using msfvenom with shikata_ga_nai encoding.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Base64 Decoder 1.1.2
No auth needed
Prerequisites: Victim must open the generated 'crash.txt' file in B64dec 1.1.2 and trigger the decode function.
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/48317
Various Sources product
http://4mhz.de/b64dec.html

Scores

CVSS v3 9.8
EPSS 0.0035
EPSS Percentile 27.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-121
Status published
Products (1)
4Mhz/B64dec 1.1.2
Published Feb 05, 2026
Tracked Since Feb 18, 2026