CVE-2020-37171

MEDIUM

TapinRadio 2.12.3 - DoS

Title source: llm

Description

TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy username configuration that allows local attackers to crash the application. Attackers can overwrite the username field with 10,000 bytes of arbitrary data to trigger an application crash and prevent normal program functionality.

Exploits (1)

exploitdb WORKING POC

by chuyreds · pythondoswindows

https://www.exploit-db.com/exploits/48013

View Code ZIP pw:eip

References (3)

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/48013

[Various Sources] https://www.raimersoft.com/php/tapinradio.php

[Third Party Advisory] https://www.vulncheck.com/advisories/tapinradio-username-denial-of-service

Scores

CVSS v3 6.2

EPSS 0.0001

EPSS Percentile 0.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-120

Status published

Products (1)

raimersoft/tapinradio < 2.12.3

Published Feb 07, 2026

Tracked Since Feb 18, 2026