How severe is CVE-2020-7858?

CVE-2020-7858 has a CVSS v3 score of 6.8 (MEDIUM).

CVE-2020-7858

Name: windows
Author: microsoft

6.8MEDIUM

There is a directory traversing vulnerability in the download page url of AquaNPlayer 2.0.0.92. The IP of the download page url is localhost and an attacker can traverse directories using "dot dot" se

Published: 4/22/2021Updated: 11/21/2024

Description

There is a directory traversing vulnerability in the download page url of AquaNPlayer 2.0.0.92. The IP of the download page url is localhost and an attacker can traverse directories using "dot dot" sequences(../../) to view host file on the system. This vulnerability can cause information leakage.

AI AnalysisPowered by AI

Affected Products

cdnetworksaquanplayer

2.0.0.92

microsoftwindows

References

https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36014
Third Party Advisory
https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36014
Third Party Advisory