anonhaven
Ad

CVE-2020-37042

HIGH CVSS 4.0: 8.4 EPSS 0.01%
Updated Jan 30, 2026
Frigate
Parameter Value
CVSS 8.4 (HIGH)
Type CWE-120 (Buffer Copy without Checking Size)
Vendor Frigate
Public PoC Yes

Frigate Professional 3.36.0.9 contains a local buffer overflow vulnerability in the 'Find Computer' feature that allows attackers to execute arbitrary code by overflowing the computer name input field. Attackers can craft a malicious payload that triggers a buffer overflow, enabling code execution and launching calculator as a proof of concept.

Attack Parameters

Attack Vector
Local
Requires local access
Attack Complexity
Low
Easy to exploit
Attack Requirements
None
No additional conditions
Privileges Required
None
No privileges needed
User Interaction
Active
User action required

Impact Assessment

Confidentiality
High
Complete data leak
Integrity
High
Complete data modification
Availability
High
Complete denial of service

CVSS Vector v4.0

Weakness Type (CWE)

CWE-120 Buffer Copy without Checking Size

References 3

https://web.archive.org/web/20190623044943/http://www.frigate3.com/index.php
disclosure@vulncheck.com
https://www.exploit-db.com/exploits/48579
disclosure@vulncheck.com
https://www.vulncheck.com/advisories/frigate-professional-find-computer-local-b…
disclosure@vulncheck.com
Share Post Share Share Share

Related Vulnerabilities

CVE-2026-33470

Frigate

4.3

CVE-2026-33469

Frigate

6.5

CVE-2026-33126

Frigate

4.3

CVE-2026-33125

Frigate

8.1

CVE-2026-33124

Frigate

8.6