Design/Logic Flaw

2020-07-1014:15:00

PRIOn knowledge base

www.prio-n.com

9.4 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.6%

JSON

XPLATFORM v9.2.260 and eariler versions contain a vulnerability that could allow remote files to be downloaded by setting the arguments to the vulnerable method. this can be leveraged for code execution. File download vulnerability in COMPONENT of TOBESOFT XPLATFORM allows ATTACKER/ATTACK to cause IMPACT. This issue affects: TOBESOFT XPLATFORM 9.2.250 versions prior to 9.2.260 on Windows.

CPENameOperatorVersion
xplatformle9.2.2.260

CPE	Name	Operator	Version
	xplatform	le	9.2.2.260

References

support.tobesoft.co.kr/Support/index.html

www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35496