Search criteria
1 vulnerability by Tucows Inc.
CVE-2020-37013 (GCVE-0-2020-37013)
Vulnerability from cvelistv5 – Published: 2026-01-29 14:28 – Updated: 2026-05-12 20:46
VLAI
Title
Audio Playback Recorder 3.2.2 - Local Buffer Overflow (SEH)
Summary
Audio Playback Recorder 3.2.2 contains a local buffer overflow vulnerability in the eject and registration parameters that allows attackers to execute arbitrary code. Attackers can craft malicious payloads and overwrite Structured Exception Handler (SEH) to execute shellcode when pasting specially crafted input into the application's input fields.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/48796 | exploit |
| https://web.archive.org/web/20210105222148/https:… | exploit |
| https://archive.org/details/tucows_288670_Audio_P… | product |
| https://www.vulncheck.com/advisories/audio-playba… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Tucows Inc. | Audio Playback Recorder |
Affected:
3.2.2
|
Date Public
2020-09-08 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-37013",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-29T15:49:22.783188Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-29T16:48:09.267Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/48796"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Audio Playback Recorder",
"vendor": "Tucows Inc.",
"versions": [
{
"status": "affected",
"version": "3.2.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Felipe Winsnes"
}
],
"datePublic": "2020-09-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Audio Playback Recorder 3.2.2 contains a local buffer overflow vulnerability in the eject and registration parameters that allows attackers to execute arbitrary code. Attackers can craft malicious payloads and overwrite Structured Exception Handler (SEH) to execute shellcode when pasting specially crafted input into the application\u0027s input fields."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T20:46:26.754Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-48796",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/48796"
},
{
"name": "Archived Researcher Proof of Concept Video",
"tags": [
"exploit"
],
"url": "https://web.archive.org/web/20210105222148/https://whitecr0wz.github.io/assets/img/Findings11/11-proof.gif"
},
{
"name": "Product Software Archive",
"tags": [
"product"
],
"url": "https://archive.org/details/tucows_288670_Audio_Playback_Recorder"
},
{
"name": "VulnCheck Advisory: Audio Playback Recorder 3.2.2 - Local Buffer Overflow (SEH)",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/audio-playback-recorder-local-buffer-overflow-seh"
}
],
"title": "Audio Playback Recorder 3.2.2 - Local Buffer Overflow (SEH)",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2020-37013",
"datePublished": "2026-01-29T14:28:31.891Z",
"dateReserved": "2026-01-28T18:18:30.521Z",
"dateUpdated": "2026-05-12T20:46:26.754Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}