CVE-2020-7858
6.8MEDIUMThere is a directory traversing vulnerability in the download page url of AquaNPlayer 2.0.0.92. The IP of the download page url is localhost and an attacker can traverse directories using "dot dot" se
게시됨: 4/22/2021업데이트됨: 11/21/2024
설명
There is a directory traversing vulnerability in the download page url of AquaNPlayer 2.0.0.92. The IP of the download page url is localhost and an attacker can traverse directories using "dot dot" sequences(../../) to view host file on the system. This vulnerability can cause information leakage.
AI 분석AI 기반
영향받는 제품
cdnetworksaquanplayer
2.0.0.92
microsoftwindows
-
참조
- https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36014Third Party Advisory
- https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36014Third Party Advisory