CVE-2020-36949 MEDIUM

CVE-2020-36949: TapinRadio 2.13.7 - Denial of Service

Vendor Raimersoft
Product TapinRadio
Weakness CWE-770 · Uncontrolled resource consumption
Published January 27, 2026
Last update January 27, 2026

CVSS base score

6.7/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

TapinRadio 2.13.7 contains a denial of service vulnerability in the application proxy settings that allows attackers to crash the program by overflowing input fields. Attackers can paste a large buffer of 20,000 characters into the username and address fields to cause the application to become unresponsive and require reinstallation.

Key dates

02Disclosure timeline

January 27, 2026 CVE published
January 27, 2026 Record updated