Vulnerability Description
RAONWIZ v2018.0.2.50 and eariler versions contains a vulnerability that could allow remote files to be downloaded and excuted by lack of validation to file extension, witch can used as remote-code-excution attacks by hackers File download & execution vulnerability in ____COMPONENT____ of RAONWIZ RAON KUpload allows ____ATTACKER/ATTACK____ to cause ____IMPACT____. This issue affects: RAONWIZ RAON KUpload 2018.0.2.50 versions prior to 2018.0.2.51 on Windows.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Raonwiz | Raon K Upload | < 2018.0.2.51 |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35495Third Party Advisory
- https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35495Third Party Advisory
FAQ
What is CVE-2020-7814?
CVE-2020-7814 is a vulnerability with a CVSS score of 7.8 (HIGH). RAONWIZ v2018.0.2.50 and eariler versions contains a vulnerability that could allow remote files to be downloaded and excuted by lack of validation to file extension, witch can used as remote-code-exc...
How severe is CVE-2020-7814?
CVE-2020-7814 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-7814?
Check the references section above for vendor advisories and patch information. Affected products include: Raonwiz Raon K Upload, Microsoft Windows.