VDB
CVE-2020-37182
CVE-2020-37182
PUBLISHED
Redir 3.3 contains a stack overflow vulnerability in the doproxyconnect() function that allows attackers to crash the application by sending oversized input. Attackers can exploit the sprintf() buffer without proper length checking to overwrite memory and cause a segmentation fault, resulting in program termination.
EPSS 0.06% · 18.0th percentile
Risk Scores
EPSS Score
0.06%
18.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:22.04:LTS | redir | 0, 3.3-1 |
| Ubuntu:16.04:LTS | redir | 0, 2.2.1-13 |
| Ubuntu:18.04:LTS | redir | 0, 3.1-1 |
| Ubuntu:20.04:LTS | redir | 3.2-1, 0 |
| Ubuntu:24.04:LTS | redir | 0, 3.3-1 |
| Ubuntu:25.10 | redir | 0, 3.3-1 |
Exploit Intelligence
- Redir Project GitHub Repository (circl)
- VulnCheck Advisory: Redir 3.3 - Denial of Service (circl)
- ExploitDB-47919 (cve.org)
Timeline
- Feb 11, 2026 CVE Published
- Feb 12, 2026 EPSS Score
- Feb 14, 2026 EPSS Score
- Feb 16, 2026 EPSS Score
- Feb 18, 2026 EPSS Score
- Feb 20, 2026 EPSS Score
- Feb 22, 2026 EPSS Score
- Feb 24, 2026 EPSS Score
- Feb 26, 2026 EPSS Score
- Feb 28, 2026 EPSS Score
- Mar 2, 2026 EPSS Score
- Mar 4, 2026 EPSS Score
References
- https://ubuntu.com/security/CVE-2020-37182 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2020-37182 third-party-advisory
- https://www.exploit-db.com/exploits/47919 third-party-advisory
- https://github.com/troglobit/redir third-party-advisory
- https://www.vulncheck.com/advisories/redir-denial-of-service third-party-advisory