How severe is CVE-2020-7858?

CVE-2020-7858 has a CVSS v3 score of 6.8 (MEDIUM).

CVE-2020-7858

Name: windows
Author: microsoft

6.8MEDIUM

There is a directory traversing vulnerability in the download page url of AquaNPlayer 2.0.0.92. The IP of the download page url is localhost and an attacker can traverse directories using "dot dot" se

Publicado: 4/22/2021Atualizado: 11/21/2024

Descrição

There is a directory traversing vulnerability in the download page url of AquaNPlayer 2.0.0.92. The IP of the download page url is localhost and an attacker can traverse directories using "dot dot" sequences(../../) to view host file on the system. This vulnerability can cause information leakage.

Análise IADesenvolvido por IA

Produtos Afetados

cdnetworksaquanplayer

2.0.0.92

microsoftwindows

Referências

https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36014
Third Party Advisory
https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36014
Third Party Advisory