CVE-2020-25846

Summary

The digest generation function of NHIServiSignAdapter has not been verified for source file path, which leads to the SMB request being redirected to a malicious host, resulting in the leakage of user's credential.

Affected Software

VendorProductVersion RangeStatus
CHANGING Inc.NHIServiSignAdapter1.0.20.0218affected

Weaknesses

  • Information Leakage

ADP Enrichment

CVE Program Container

Additional References

References