CVE-2020-7865

Summary

A vulnerability(improper input validation) in the ExECM CoreB2B solution allows an unauthenticated attacker to download and execute an arbitrary file via httpDownload function. A successful exploit could allow the attacker to hijack vulnerable system.

Affected Software

VendorProductVersion RangeStatus
InoguardExECM CoreB2B1.1.0.4 <= 1.1.0.4affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

References