In K7 Ultimate Security 16.0.0117, the module K7BKCExt.dll (aka the backup module) improperly validates the administrative privileges of the user, allowing an arbitrary file write via a symbolic link attack with file restoration functionality.
CPE | Name | Operator | Version |
---|---|---|---|
k7_ultimate_security | eq | 16.0.0117 |