How severe is CVE-2020-7858?

CVE-2020-7858 has a CVSS v3 score of 6.8 (MEDIUM).

CVE-2020-7858

Name: windows
Author: microsoft

6.8MEDIUM

There is a directory traversing vulnerability in the download page url of AquaNPlayer 2.0.0.92. The IP of the download page url is localhost and an attacker can traverse directories using "dot dot" se

发布于: 4/22/2021更新于: 11/21/2024

描述

There is a directory traversing vulnerability in the download page url of AquaNPlayer 2.0.0.92. The IP of the download page url is localhost and an attacker can traverse directories using "dot dot" sequences(../../) to view host file on the system. This vulnerability can cause information leakage.

AI分析AI驱动

受影响产品

cdnetworksaquanplayer

2.0.0.92

microsoftwindows

参考资料

https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36014
Third Party Advisory
https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36014
Third Party Advisory