Lucene search

K
cve[email protected]CVE-2020-7814
HistoryJul 10, 2020 - 1:15 p.m.

CVE-2020-7814

2020-07-1013:15:10
CWE-20
web.nvd.nist.gov
24
cve-2020-7814
raonwiz
v2018.0.2.50
remote code execution
file download vulnerability
nvd
security issue

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.2 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.1%

RAONWIZ v2018.0.2.50 and eariler versions contains a vulnerability that could allow remote files to be downloaded and excuted by lack of validation to file extension, witch can used as remote-code-excution attacks by hackers File download & execution vulnerability in COMPONENT of RAONWIZ RAON KUpload allows ATTACKER/ATTACK to cause IMPACT. This issue affects: RAONWIZ RAON KUpload 2018.0.2.50 versions prior to 2018.0.2.51 on Windows.

Affected configurations

NVD
Node
microsoftwindowsMatch-
AND
raonwizraon_k_uploadRange<2018.0.2.51

CNA Affected

[
  {
    "platforms": [
      "Windows"
    ],
    "product": "RAON KUpload",
    "vendor": "RAONWIZ",
    "versions": [
      {
        "lessThan": "2018.0.2.51",
        "status": "affected",
        "version": "2018.0.2.50",
        "versionType": "custom"
      }
    ]
  }
]

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.2 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.1%

Related for CVE-2020-7814