TapinRadio Denial-of-Service Vulnerability
Vulnerability
A denial-of-service vulnerability has been identified in TapinRadio version 2.12.3. The issue lies in the application proxy configuration: a local attacker can crash the application by overwriting the 'Address' field with 3000 bytes of arbitrary data.
Impact
Exploitation of this vulnerability leads to a crash of the TapinRadio application, causing a denial-of-service condition where the application becomes unresponsive and requires a restart.
Reproduction
To reproduce this vulnerability, first run a Python script that generates a payload of 3000 bytes of arbitrary data and saves it to a text file. Then, open TapinRadio and navigate to 'Settings' > 'Preferences' > 'Miscellaneous'. Select 'Set Application Proxy' and paste the contents of the text file into the 'Address' field. After entering a port, username, and password, confirm the settings. The application will crash, demonstrating the denial-of-service vulnerability.
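On the defensive side, the crash is triggered by an address value far longer than any legitimate proxy host, so a length and format check on the field before it is stored or used rejects it. The following is an added example, not TapinRadio's code and not part of the original advisory; the function names and the limits (taken from DNS hostname rules) are assumptions chosen for illustration.

```python
import ipaddress
import re

MAX_HOST_LEN = 253   # longest valid DNS hostname (assumed limit for the field)
MAX_LABEL_LEN = 63   # longest valid dot-separated DNS label
_LABEL_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?$")


class ProxyAddressError(ValueError):
    """Raised when the proxy 'Address' field fails validation."""


def validate_proxy_address(raw):
    """Return a normalised proxy host, or raise ProxyAddressError."""
    if not isinstance(raw, str):
        raise ProxyAddressError("address must be text")
    # Length is checked first, so oversized input is rejected before
    # any parsing, copying or storage takes place.
    if len(raw) > MAX_HOST_LEN:
        raise ProxyAddressError("address exceeds %d characters" % MAX_HOST_LEN)
    host = raw.strip()
    if not host:
        raise ProxyAddressError("address is empty")
    # IP literals are accepted as-is (IPv6 may be wrapped in brackets).
    literal = host[1:-1] if host.startswith("[") and host.endswith("]") else host
    try:
        return str(ipaddress.ip_address(literal))
    except ValueError:
        pass
    # Anything else must be a well-formed DNS hostname.
    name = host.rstrip(".")
    for label in name.split("."):
        if len(label) > MAX_LABEL_LEN or not _LABEL_RE.match(label):
            raise ProxyAddressError("invalid hostname label: %r" % label[:20])
    return name.lower()


def is_acceptable(raw):
    """Boolean wrapper for UI code that only needs accept/reject."""
    try:
        validate_proxy_address(raw)
        return True
    except ProxyAddressError:
        return False


if __name__ == "__main__":
    # Constructed sample inputs, including one of the size the advisory describes.
    for sample in ["proxy.example.net", "192.0.2.10", "[::1]", "bad host!", "A" * 3000]:
        print("%-20r -> %s" % (sample[:20], "accept" if is_acceptable(sample) else "reject"))
```
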
