How severe is CVE-2020-7858?

CVE-2020-7858 has a CVSS v3 score of 6.8 (MEDIUM).

CVE-2020-7858

Name: windows
Author: microsoft

6.8MEDIUM

There is a directory traversing vulnerability in the download page url of AquaNPlayer 2.0.0.92. The IP of the download page url is localhost and an attacker can traverse directories using "dot dot" se

Publicado: 4/22/2021Actualizado: 11/21/2024

Descripción

There is a directory traversing vulnerability in the download page url of AquaNPlayer 2.0.0.92. The IP of the download page url is localhost and an attacker can traverse directories using "dot dot" sequences(../../) to view host file on the system. This vulnerability can cause information leakage.

Análisis IAImpulsado por IA

Productos Afectados

cdnetworksaquanplayer

2.0.0.92

microsoftwindows

Referencias

https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36014
Third Party Advisory
https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36014
Third Party Advisory