CVE-2020-7806
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Tobesoft Xplatform 9.2.2.250 and earlier version have an arbitrary code execution vulnerability by using method supported by Xplatform ActiveX Control. It allows attacker to cause remote code execution.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Tobesoft | Xplatform | 9.2.2.250 <= 9.2.2.260 | affected |
Weaknesses
- CWE-494: CWE-494 Download of Code Without Integrity Check
ADP Enrichment
CVE Program Container
Additional References
- http://support.tobesoft.co.kr/Support/index.html
- https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35359
References
- http://support.tobesoft.co.kr/Support/index.html
- https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35359
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.