CVE-2020-7867

An improper input validation vulnerability in Helpu solution could allow a local attacker to arbitrary file creation and execution without click file transfer menu. It is possible to file in arbitrary directory for user because the viewer program receive the file from agent with privilege of administrator.
Configurations

Configuration 1 (hide)

cpe:2.3:a:helpu:helpuviewer:2018.5.21.0:*:*:*:*:windows:*:*

History

21 Nov 2024, 05:37

Type Values Removed Values Added
CVSS v2 : 4.6
v3 : 7.8
v2 : 4.6
v3 : 8.0
References () https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36303 - Third Party Advisory () https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36303 - Third Party Advisory

Information

Published : 2021-10-27 01:15

Updated : 2024-11-21 05:37


NVD link : CVE-2020-7867

Mitre link : CVE-2020-7867

CVE.ORG link : CVE-2020-7867


JSON object : View

Products Affected

helpu

  • helpuviewer
CWE
CWE-20

Improper Input Validation