HIGH
TFTP Broadband
CVE published 2026-06-19
CVE-2020-37250
CVE-2020-37250 is a high-severity unquoted service path vulnerability in TFTP Broadband 4.3.0.1465. The tftpt.exe service binary does not properly quote its service path, allowing local attackers to execute arbitrary code with system privileges by placing a malicious executable in the Program Files directory. This vulnerability has a CVSS score of 8.5 and is considered high priority for defenders.