CVE-2020-7820
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by setting the arguments to the vulnerable API. This can be leveraged for code execution by rebooting the victim’s PC
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Tobesoft | NEXACRO14/17 ExCommonApiV13 | 2019.9.6 < 2019.9.6 | affected |
Weaknesses
- CWE-20: CWE-20 Improper Input Validation
ADP Enrichment
CVE Program Container
Additional References
- http://support.tobesoft.co.kr/Support/index.html
- https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35491
References
- http://support.tobesoft.co.kr/Support/index.html
- https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35491
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.