Flexsense DiskBoss 'Reports and Data Directory' Buffer Overflow

Advisories

Flexsense DiskBoss 'Reports and Data Directory' Buffer Overflow

severity: critical
date: 12/5/2025
Affecting: 7.7.14
CVE: CVE-2020-36880
CVE type: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
CVSS: 9.4
CVSS V4 Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
References: ExploitDB-48689
DiskBoss Product Homepage
Credit: MasterVlad
Description: Flexsense DiskBoss 7.7.14 contains a local buffer overflow vulnerability in the 'Reports and Data Directory' field that allows an attacker to execute arbitrary code on the system.

Ready to get Started?

Explore VulnCheck, a next-generation Cyber Threat Intelligence platform, which provides exploit and vulnerability intelligence to help you prioritize and remediate vulnerabilities that matter.

Vulnerability Prioritization
Prioritize vulnerabilities that matter based on the threat landscape and defer vulnerabilities that don't.
Early Warning System
Real-time alerting of changes in the vulnerability landscape so that you can take action before the attacks start.

Schedule a Demo