Vulnerability Description
Innorix Web-Based File Transfer Solution versuibs prior to and including 9.2.18.385 contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the internal method. A remote attacker could induce a user to access a crafted web page, causing damage such as malicious code infection.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Innorix | File Transfer Solution | < 9.2.18.382 |
| Apple | Macos | - |
| Linux | Linux Kernel | - |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://www.innorix.com/ko/ProductVendor Advisory
- https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35984Third Party Advisory
- https://www.innorix.com/ko/ProductVendor Advisory
- https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35984Third Party Advisory
FAQ
What is CVE-2020-7851?
CVE-2020-7851 is a vulnerability with a CVSS score of 7.8 (HIGH). Innorix Web-Based File Transfer Solution versuibs prior to and including 9.2.18.385 contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the...
How severe is CVE-2020-7851?
CVE-2020-7851 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-7851?
Check the references section above for vendor advisories and patch information. Affected products include: Innorix File Transfer Solution, Apple Macos, Linux Linux Kernel, Microsoft Windows.