CVE-2020-37205

7.5 HIGH

📋 TL;DR

CVE-2020-37205 is a buffer overflow vulnerability in RemShutdown 2.9.0.0 that allows attackers to crash the application by sending overly long input to the 'Name' registration field. This affects users of RemShutdown 2.9.0.0 who have the application installed and accessible. The vulnerability enables denial of service attacks against the application.

💻 Affected Systems

Products:
  • RemShutdown
Versions: 2.9.0.0
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in the default configuration when the registration name field is accessible.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete application crash leading to denial of service, potentially disrupting remote shutdown operations and system management functions.

🟠 Likely Case

Application becomes unresponsive and crashes, requiring manual restart to restore functionality.

🟢 If Mitigated

No impact if input validation is implemented or the vulnerable version is not in use.

🌐 Internet-Facing: MEDIUM - Exploitation requires network access to the application, but the application is typically used internally.
🏢 Internal Only: MEDIUM - Internal attackers with access to the application interface can cause service disruption.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit code is publicly available and requires minimal technical skill to execute.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: http://www.nsauditor.com/

Restart Required: No

Instructions:

Check vendor website for updated version. If unavailable, consider alternative software or implement workarounds.

🔧 Temporary Workarounds

Input Length Restriction

Platform: Windows

Implement input validation to restrict the 'Name' field to a reasonable character limit (e.g., 255 characters).

Command: not applicable; this requires code modification.

Network Access Control

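Platform: Windows

Restrict network access to RemShutdown to trusted users only using firewall rules. The example rule below blocks all inbound connections to the program; replace the placeholder path with the actual install location.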

netsh advfirewall firewall add rule name="Block RemShutdown" dir=in action=block program="C:\Path\To\RemShutdown.exe" enable=yes

🧯 If You Can't Patch

  • Disable or uninstall RemShutdown if not essential for operations.
  • Monitor application logs for crash events and investigate any suspicious activity.

🔍 How to Verify

Check if Vulnerable:

Check if RemShutdown version 2.9.0.0 is installed. Attempt to input a 1000+ character string into the 'Name' registration field to test for crash.

Check Version:

Check application properties or About dialog in RemShutdown GUI.

Verify Fix Applied:

Verify that input validation prevents buffer overflow by testing with long strings. Check that the application version has been updated if a patch becomes available.

📡 Detection & Monitoring

Log Indicators:

  • Application crash logs
  • Unexpected termination events in Windows Event Viewer

Network Indicators:

  • Unusual network traffic to RemShutdown port (default 8080)
  • Multiple connection attempts with long payloads

SIEM Query:

(EventID=1000 OR EventID=1001) AND SourceName="RemShutdown"
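
A host-side equivalent of the query above, as an added example that is not part of the original advisory: it pulls Application-log events 1000 and 1001, keeps those that mention RemShutdown, and flags hours with repeated crashes. The 7-day lookback, the threshold of 3 crashes per hour, and matching on the rendered event message are assumptions.

```powershell
# Added example: hunt for RemShutdown crash events on a Windows host.
# Assumptions (not from the advisory): 7-day lookback, alert threshold of
# 3 crashes per hour, and that the faulting process name appears in the
# rendered event message.
$Lookback  = (Get-Date).AddDays(-7)
$Threshold = 3
$Pattern   = 'RemShutdown'

# Event ID 1000 = Application Error, 1001 = Windows Error Reporting.
$filter = @{
    LogName   = 'Application'
    Id        = 1000, 1001
    StartTime = $Lookback
}

# Get-WinEvent raises an error when nothing matches; treat that as "no events".
$events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -match $Pattern })

if ($events.Count -eq 0) {
    Write-Output "No RemShutdown crash events since $Lookback"
}
else {
    # Per-event detail for triage.
    $events |
        Sort-Object TimeCreated |
        Select-Object TimeCreated, Id, ProviderName, MachineName |
        Format-Table -AutoSize

    # Bucket by hour: several crashes within one hour are more consistent
    # with repeated oversized input than with a one-off fault.
    $events |
        Group-Object { $_.TimeCreated.ToString('yyyy-MM-dd HH:00') } |
        Where-Object { $_.Count -ge $Threshold } |
        ForEach-Object {
            [pscustomobject]@{
                Hour    = $_.Name
                Crashes = $_.Count
            }
        }
}
```

On Windows the provider for event 1000 is normally "Application Error" rather than the application's own name, which is why this example filters on the message text instead of the source.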
