CVE-2020-37190

HIGH

Top Password Firefox Password Recovery <2.8 - DoS

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-37190. PoCs published by antonio.

AI-analyzed exploit summary This PoC exploits a buffer overflow vulnerability in Top Password Firefox Password Recovery 2.8 by sending a large string of 'A' characters to the User Name / Registration Code input fields, causing a denial of service (DoS). The exploit is straightforward and demonstrates the vulnerability effectively.

Description

Top Password Firefox Password Recovery 2.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing input fields. Attackers can trigger the vulnerability by inserting 5000 characters into the User Name or Registration Code input fields.

Exploits (1)

exploitdb WORKING POC
by antonio · pythondoswindows
https://www.exploit-db.com/exploits/47912

This PoC exploits a buffer overflow vulnerability in Top Password Firefox Password Recovery 2.8 by sending a large string of 'A' characters to the User Name / Registration Code input fields, causing a denial of service (DoS). The exploit is straightforward and demonstrates the vulnerability effectively.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Top Password Firefox Password Recovery 2.8
No auth needed
Prerequisites: Access to the input fields in the target software
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/47912
Various Sources product
https://www.top-password.com/

Scores

CVSS v3 7.5
EPSS 0.0028
EPSS Percentile 19.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE
CWE-120
Status published
Published Feb 11, 2026
Tracked Since Feb 18, 2026