CVE-2020-7815
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
XPLATFORM v9.2.260 and eariler versions contain a vulnerability that could allow remote files to be downloaded by setting the arguments to the vulnerable method. this can be leveraged for code execution. File download vulnerability in COMPONENT of TOBESOFT XPLATFORM allows ATTACKER/ATTACK to cause IMPACT. This issue affects: TOBESOFT XPLATFORM 9.2.250 versions prior to 9.2.260 on Windows.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| TOBESOFT | XPLATFORM | 9.2.250 < 9.2.260 | affected |
Weaknesses
- File download
ADP Enrichment
CVE Program Container
Additional References
- http://support.tobesoft.co.kr/Support/index.html
- https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35496
References
- http://support.tobesoft.co.kr/Support/index.html
- https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35496
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.