CVE-2020-25842

Summary

The encryption function of NHIServiSignAdapter fail to verify the file path input by users. Remote attacker can access arbitrary files through the flaw without privilege.

Affected Software

VendorProductVersion RangeStatus
CHANGING Inc.NHIServiSignAdapter1.0.20.0218affected

Weaknesses

  • Arbitrary File Access

ADP Enrichment

CVE Program Container

Additional References

References