CVE-2020-37067
📋 TL;DR
CVE-2020-37067 is a buffer overflow in the FEAT command handler of the Filetto 1.0 FTP server. An unauthenticated client can crash the service by sending a FEAT command with an oversized argument (FEAT takes no argument at all per RFC 2389, so any long FEAT line is abnormal traffic). The public proof of concept demonstrates only a crash, i.e. a denial of service that makes the FTP server unavailable to legitimate users until it is restarted. Anyone running Filetto 1.0 is affected.
💻 Affected Systems
- Filetto FTP Server 1.0 (no fixed release is known)
⚠️ Risk & Real-World Impact
Worst Case
Complete service disruption of the FTP server, potentially affecting dependent services or business operations that rely on file transfers.
Likely Case
FTP service becomes unresponsive and requires manual restart, causing temporary file transfer interruptions.
If Mitigated
Minimal impact if the service is not internet-facing or is reachable only from trusted networks; a client on an allowed network can still trigger the crash, and can do so repeatedly after every restart.
🎯 Exploit Status
Exploit code is publicly available on Exploit-DB (ID 48503) and requires minimal technical skill to execute.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: N/A (no fixed release known)
Vendor Advisory: N/A
Restart Required: N/A (there is no patch to apply)
Instructions:
No official patch exists. Migrate to a maintained FTP server, or apply the workarounds below until you can.
🔧 Temporary Workarounds
Network Filtering
Drop FTP control-channel packets that carry a FEAT command with a payload, at the host firewall or an IPS. A legitimate FEAT line is 6 bytes ("FEAT\r\n"), so a packet to port 21 that contains "FEAT" and is more than about 128 bytes long is never a normal client request. The rule below combines the string and length matches. Caveat: it inspects each TCP segment on its own, so it catches the first, MSS-sized segment of an 11 KB command sent in one write, but it cannot match the whole 11,008-byte command (which never fits in one packet) and can be evaded by splitting the command across many small segments. Treat it as defence in depth, not as a fix.
iptables -A INPUT -p tcp --dport 21 -m string --string "FEAT" --algo bm --icase -m length --length 128:65535 -j DROP
Service Restriction
linuxRestrict FTP server access to trusted IP addresses only.
iptables -A INPUT -p tcp --dport 21 -s trusted_ip_range -j ACCEPT
iptables -A INPUT -p tcp --dport 21 -j DROP
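Because a per-packet firewall rule only sees one TCP segment at a time, a workaround that actually enforces a command-line limit has to track bytes across segments. The following is an added example for this advisory, not Filetto code and not the Exploit-DB PoC: a small asyncio TCP proxy that sits in front of the FTP control port, counts the bytes of each command line as they arrive, and drops the client as soon as a line exceeds a ceiling or a FEAT line carries an argument. The 512-byte ceiling, the upstream address 127.0.0.1:2121 (Filetto assumed re-bound to a loopback-only port) and the listen port are illustrative assumptions, not values from the page.

```python
"""Control-channel line-length guard, runnable as a TCP proxy in front of the FTP server.
Added example for this advisory (not Filetto code). FTP commands are CRLF-terminated
lines and FEAT carries no argument (RFC 2389), so a long FEAT line is never legitimate.
"""
import asyncio

MAX_LINE = 512                     # assumption: far above any real command, far below the 11,008-byte trigger
FEAT_MAX = len(b"FEAT\r\n")        # a FEAT line longer than this carries an argument
LISTEN_PORT = 21                   # assumption: where clients connect
UPSTREAM = ("127.0.0.1", 2121)     # assumption: Filetto re-bound to a loopback-only port


class ControlLineGuard:
    """Tracks the partial command line across TCP segments and rejects over-long lines."""

    def __init__(self, max_line=MAX_LINE):
        self.max_line = max_line
        self.current = bytearray()     # bytes of the line in progress (carried between segments)
        self.violations = []           # (verb, length) of every rejected line

    def feed(self, chunk: bytes) -> bool:
        """Consume one segment of client->server data. False means: drop the client now."""
        for byte in chunk:
            self.current.append(byte)
            if len(self.current) > self.max_line:
                return self._reject()
            if byte == 0x0A:                                   # LF terminates the command line
                if self._verb() == b"FEAT" and len(self.current) > FEAT_MAX:
                    return self._reject()
                self.current.clear()
        return True

    def _verb(self) -> bytes:
        return bytes(self.current[:4]).upper().strip()        # FTP verbs are 3 or 4 letters

    def _reject(self) -> bool:
        self.violations.append((self._verb(), len(self.current)))
        self.current.clear()
        return False


async def _relay(reader, writer, guard=None):
    """Copy bytes one way; with a guard, stop at the first rejected line."""
    try:
        while data := await reader.read(4096):
            if guard is not None and not guard.feed(data):
                return                                         # the server never sees the bad line
            writer.write(data)
            await writer.drain()
    finally:
        writer.close()


async def handle_client(client_reader, client_writer):
    up_reader, up_writer = await asyncio.open_connection(*UPSTREAM)
    guard = ControlLineGuard()
    tasks = [
        asyncio.create_task(_relay(client_reader, up_writer, guard)),   # client -> server, guarded
        asyncio.create_task(_relay(up_reader, client_writer)),          # server -> client, passthrough
    ]
    _done, pending = await asyncio.wait(tasks, return_when=asyncio.FIRST_COMPLETED)
    for task in pending:                                   # whichever side ended, tear down both
        task.cancel()
    client_writer.close()
    up_writer.close()
    for verb, length in guard.violations:
        peer = client_writer.get_extra_info("peername")
        print(f"dropped {peer}: {verb.decode(errors='replace')} line of {length} bytes")


async def main():
    server = await asyncio.start_server(handle_client, "0.0.0.0", LISTEN_PORT)
    async with server:
        await server.serve_forever()


if __name__ == "__main__":
    asyncio.run(main())
```

The proxy covers the control channel only: data connections (PORT/PASV) still go straight to the server, and the server sees the proxy's address as the client, so combine it with the IP restriction above rather than replacing it.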
🧯 If You Can't Patch
- Replace Filetto with a maintained, secure FTP server alternative like vsftpd or FileZilla Server.
- Implement network segmentation to isolate the FTP server from untrusted networks.
🔍 How to Verify
Check if Vulnerable:
Confirm that Filetto 1.0 is running and listening on the FTP control port (21 by default). On Linux: ss -tlnp | grep ':21 ' (or netstat -tulpn | grep :21). On Windows: netstat -ano | findstr :21, then map the PID to the Filetto process in Task Manager or with tasklist.
Check Version:
Check the version shown in the application's About dialog or in the executable's file properties; the FTP greeting banner may also include it.
Verify Fix Applied:
Re-run the Exploit-DB 48503 proof of concept against the server from an address that is not in the trusted range. Do this only against a test instance or in a maintenance window: if the workaround fails, the service will crash. The workaround is effective only if the service still accepts new connections afterwards.
📡 Detection & Monitoring
Log Indicators:
- FTP service crash logs
- Unusual large FEAT command entries in FTP logs
- Service restart events
Network Indicators:
- Large (11,008+ byte) FTP FEAT commands
- Multiple connection attempts followed by service unavailability
SIEM Query (illustrative; the field names depend on how your log source parses FTP commands, and Filetto's own log format may not expose them):
source="ftp.log" AND command="FEAT" AND size>11000
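The query above only matches the 11,000-byte case. As an added example for this advisory (not a Filetto feature), the script below runs the same check over raw log lines but with a general rule (any control-channel line over 512 bytes, or any FEAT with an argument, since FEAT takes none) and also attributes each crash-like event to the client that last sent an oversized command, which covers the "connections followed by unavailability" indicator. Filetto's log format is not documented on this page, so the sample lines are constructed in a made-up "<timestamp> <client-ip or -> <CMD|EVENT> <text>" layout; adapt LINE_RE and CRASH_MARKERS to your real source.

```python
"""Log-side detection of oversized FTP commands and the crashes that follow them.
Added example for this advisory; the log layout and sample lines are constructed.
"""
import re
from collections import Counter

MAX_CMD_LEN = 512                 # assumption: no legitimate control-channel line comes close
CRASH_MARKERS = ("stopped unexpectedly", "crash", "terminated")   # assumption: adapt to your events

# Constructed sample log; the 11,008-byte FEAT argument is the size the advisory cites.
SAMPLE_LOG = [
    "2020-05-20T10:01:02Z 198.51.100.7 CMD USER anonymous",
    "2020-05-20T10:01:03Z 198.51.100.7 CMD FEAT",
    "2020-05-20T10:01:04Z 198.51.100.7 CMD PASS guest@example.com",
    "2020-05-20T10:02:10Z 203.0.113.9 CMD FEAT " + "A" * 11008,
    "2020-05-20T10:02:11Z - EVENT service stopped unexpectedly",
    "2020-05-20T10:05:00Z - EVENT service started",
]

# Made-up layout: "<timestamp> <client-ip or -> <CMD|EVENT> <text>"
LINE_RE = re.compile(r"^(?P<ts>\S+) (?P<ip>\S+) (?P<kind>CMD|EVENT) (?P<text>.*)$")


def is_oversized(command_text, max_len=MAX_CMD_LEN):
    """True for any line over max_len, or a FEAT with an argument (FEAT takes none, RFC 2389)."""
    verb, _, arg = command_text.partition(" ")
    return len(command_text) > max_len or (verb.upper() == "FEAT" and arg != "")


def analyze(lines, max_len=MAX_CMD_LEN):
    """Return {'hits': [(ts, ip, verb, length)], 'suspects': Counter(ip -> crashes after its hit)}."""
    hits, suspects, last_offender = [], Counter(), None
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue                                       # unparsed lines are skipped, not fatal
        ts, ip, kind, text = m.group("ts", "ip", "kind", "text")
        if kind == "CMD":
            if is_oversized(text, max_len):
                hits.append((ts, ip, text.partition(" ")[0].upper(), len(text)))
                last_offender = ip
        elif any(marker in text for marker in CRASH_MARKERS) and last_offender:
            suspects[last_offender] += 1                   # crash directly follows an oversized command
            last_offender = None
    return {"hits": hits, "suspects": suspects}


if __name__ == "__main__":
    result = analyze(SAMPLE_LOG)
    for ts, ip, verb, length in result["hits"]:
        print(f"{ts} {ip} oversized {verb} ({length} bytes)")
    for ip, count in result["suspects"].items():
        print(f"{ip}: {count} crash event(s) after its oversized command")
```

Feed it the control-channel log (one command per line) and the service log merged in time order; a non-empty suspects table is the signal worth alerting on, since a single oversized line with no crash may just be a scanner.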