CVE-2020-37133

HIGH

UltraVNC Launcher 1.2.4.0 - DoS

Title source: llm

Description

UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in the Repeater Host configuration field that allows attackers to crash the application. Attackers can paste an overly long string of 300 characters into the Repeater Host property to trigger an application crash.

Exploits (1)

exploitdb WORKING POC

by chuyreds · pythondoswindows

https://www.exploit-db.com/exploits/48288

View Code ZIP pw:eip

References (3)

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/48288

[Product] https://www.uvnc.com/

[Third Party Advisory] https://www.vulncheck.com/advisories/ultravnc-launcher-repeaterhost-denial-of-service

Scores

CVSS v3 7.5

EPSS 0.0001

EPSS Percentile 3.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-121 CWE-787

Status published

Products (1)

uvnc/ultravnc < 1.2.4.0

Published Feb 05, 2026

Tracked Since Feb 18, 2026