CVE-2020-37250

HIGH

TFTP Broadband 4.3.0.1465 Unquoted Service Path Privilege Escalation

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-37250. PoCs published by Erick Galindo.

AI-analyzed exploit summary: This is a technical writeup detailing an unquoted service path vulnerability in TFTP Broadband 4.3.0.1465. The vulnerability allows for local privilege escalation by exploiting the service path's lack of quotes, enabling arbitrary code execution during system startup or reboot.

Description

TFTP Broadband 4.3.0.1465 contains an unquoted service path vulnerability in the tftpt.exe service binary that allows local attackers to execute arbitrary code with system privileges. Attackers can place a malicious executable in the Program Files directory path that will be executed during service startup or system reboot with LocalSystem privileges.

Exploits (1)

exploitdb WRITEUP
by Erick Galindo · text · local · windows
https://www.exploit-db.com/exploits/49852


Classification: Writeup 90%
Attack Type: LPE
Complexity: Trivial
Reliability: Reliable
Target: TFTP Broadband 4.3.0.1465
Auth required
Prerequisites: Local access to the system · Ability to place an executable in the vulnerable path
devstral-2 · analyzed Jun 19, 2026

References (3)

Core References (3)
Exploit: ExploitDB-49852
https://www.exploit-db.com/exploits/49852
Product: Official Product Homepage
https://www.weird-solutions.com
Third Party Advisory: VulnCheck Advisory: TFTP Broadband 4.3.0.1465 Unquoted Service Path Privilege Escalation
https://www.vulncheck.com/advisories/tftp-broadband-unquoted-service-path-privilege-escalation

Scores

CVSS v3 7.8
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-428
Status: published
Products (1)
Weird-Solutions/TFTP Broadband 4.3.0.1465
Published Jun 19, 2026
Tracked Since Jun 19, 2026