CVE-2020-7869

Summary

An improper input validation vulnerability of ZOOK software (remote administration tool) could allow a remote attacker to create arbitrary file. The ZOOK viewer has the "Tight file CMD" function to create file. An attacker could create and execute arbitrary file in the ZOOK agent program using "Tight file CMD" without authority.

Affected Software

VendorProductVersion RangeStatus
mastersoftZOOK2.0.4.6 <= 2.0.4.6affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

References