CVE-2020-37000

CriticalPublic PoC

Published: 29 January 2026

Published

29 January 2026

Modified

15 April 2026

KEV Added

—

Patch

—

CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0015 35.3th percentile

Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Description

Free MP3 CD Ripper 2.8 contains a stack buffer overflow vulnerability that allows remote attackers to execute arbitrary code by crafting a malicious WAV file with oversized payload. Attackers can leverage a specially crafted exploit file with shellcode, SEH bypass,…

and egghunter technique to achieve remote code execution on vulnerable Windows systems.

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Requires timely patching or removal of the stack buffer overflow flaw in Free MP3 CD Ripper to eliminate the vulnerability.

SI-16 Memory Protection good match

prevent

Implements memory safeguards like ASLR, DEP, and stack canaries that directly mitigate exploitation of the stack buffer overflow for remote code execution.

SI-10 Information Input Validation good match

prevent

Enforces validation of WAV file inputs to reject oversized payloads that trigger the buffer overflow vulnerability.

Security SummaryAI

CVE-2020-37000 is a stack buffer overflow vulnerability (CWE-121) affecting Free MP3 CD Ripper version 2.8 on Windows systems. The flaw occurs when processing WAV files with oversized payloads, enabling remote attackers to execute arbitrary code. It carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity due to its network accessibility, low complexity, and high impact on confidentiality, integrity, and availability.

Remote, unauthenticated attackers can exploit the vulnerability by delivering a specially crafted malicious WAV file. Successful exploitation leverages shellcode, SEH bypass, and egghunter techniques to achieve remote code execution on vulnerable systems, requiring no user interaction or privileges.

Advisories and exploit details are documented in references including the vendor site at https://www.cleanersoft.com, a proof-of-concept exploit at https://www.exploit-db.com/exploits/48696, and a VulnCheck advisory at https://www.vulncheck.com/advisories/free-mp-cd-ripper-stack-buffer-overflow-seh-egghunter. No specific patch or mitigation steps are detailed in the provided information.

Details

CWE(s): CWE-121

MITRE ATT&CK Enterprise TechniquesAI

T1203 Exploitation for Client Execution Execution

Adversaries may exploit software vulnerabilities in client applications to execute code.

attack.mitre.org →

Why these techniques?

Stack buffer overflow vulnerability in Free MP3 CD Ripper enables remote code execution via a malicious WAV file processed by the client application, directly mapping to Exploitation for Client Execution (T1203).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References

https://www.cleanersoft.com
disclosure@vulncheck.com
https://www.exploit-db.com/exploits/48696
disclosure@vulncheck.com
https://www.vulncheck.com/advisories/free-mp-cd-ripper-stack-buffer-overflow-seh-egghunter
disclosure@vulncheck.com