RAONWIZ v2018.0.2.50 and earlier versions contains a vulnerability that could allow remote files to be downloaded by lack of validation. Vulnerabilities in downloading with Kupload agent allow files to be downloaded to arbitrary paths due to insufficient verification of extensions and download paths. This issue affects: RAONWIZ RAON KUpload 2018.0.2.50 versions and earlier.
References
Link | Resource |
---|---|
https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35582 | Third Party Advisory |
https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35582 | Third Party Advisory |
Configurations
History
21 Nov 2024, 05:37
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35582 - Third Party Advisory |
Information
Published : 2020-09-02 20:15
Updated : 2024-11-21 05:37
NVD link : CVE-2020-7830
Mitre link : CVE-2020-7830
CVE.ORG link : CVE-2020-7830
JSON object : View
Products Affected
raonwiz
- raon_kupload
CWE
CWE-20
Improper Input Validation