CVE-2020-7858
6.8MEDIUMThere is a directory traversing vulnerability in the download page url of AquaNPlayer 2.0.0.92. The IP of the download page url is localhost and an attacker can traverse directories using "dot dot" se
Veröffentlicht: 4/22/2021Aktualisiert: 11/21/2024
Beschreibung
There is a directory traversing vulnerability in the download page url of AquaNPlayer 2.0.0.92. The IP of the download page url is localhost and an attacker can traverse directories using "dot dot" sequences(../../) to view host file on the system. This vulnerability can cause information leakage.
KI-AnalyseKI-gestützt
Betroffene Produkte
cdnetworksaquanplayer
2.0.0.92
microsoftwindows
-
Referenzen
- https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36014Third Party Advisory
- https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36014Third Party Advisory