CVE-2020-7808

Summary

In RAONWIZ K Upload v2018.0.2.51 and prior, automatic update processing without integrity check on update module(web.js) allows an attacker to modify arguments which causes downloading a random DLL and injection on it.

Affected Software

VendorProductVersion RangeStatus
RAONWIZ IncK Uploadunspecified <= 2018.0.2.51affected

Weaknesses

  • CWE-353: CWE-353 Missing Support for Integrity Check
  • CWE-88: CWE-88 Argument Injection or Modification

ADP Enrichment

CVE Program Container

Additional References

References