CVE-2020-7858
6.8MEDIUMThere is a directory traversing vulnerability in the download page url of AquaNPlayer 2.0.0.92. The IP of the download page url is localhost and an attacker can traverse directories using "dot dot" se
Опубликовано: 4/22/2021Обновлено: 11/21/2024
Описание
There is a directory traversing vulnerability in the download page url of AquaNPlayer 2.0.0.92. The IP of the download page url is localhost and an attacker can traverse directories using "dot dot" sequences(../../) to view host file on the system. This vulnerability can cause information leakage.
ИИ-АнализНа базе ИИ
Затронутые продукты
cdnetworksaquanplayer
2.0.0.92
microsoftwindows
-
Ссылки
- https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36014Third Party Advisory
- https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36014Third Party Advisory