□ Overview
o Secuever Co.,Ltd released security update to address remote code execution vulnerability in reverseWall-MDS.
□ Description
o Remote code execution vulnerability due to insufficient user privilege verification in reverseWall-MDS.
o Remote attackers can exploit the vulnerability such as stealing account, through remote code execution.
□ Affected Product
□ Solution
o Update software over reverseWall-MDS 3.8 A008 version or higher.
□ Reference
[1] http://www.secuever.com
□ Acknowledgements
o Thanks to Kim Juyong for reporting this vulnerability.
□ 작성 : 침해사고분석단 취약점분석팀
o Secuever Co.,Ltd released security update to address remote code execution vulnerability in reverseWall-MDS.
| Vulnerability Type | Impact | Severity | CVSS Score | CVE ID |
|---|---|---|---|---|
| Improper Authentication | remote code execution | High | 7.5 | CVE-2022-23769 |
□ Description
o Remote code execution vulnerability due to insufficient user privilege verification in reverseWall-MDS.
o Remote attackers can exploit the vulnerability such as stealing account, through remote code execution.
□ Affected Product
| Product | Version | Platform |
|---|---|---|
| reverseWall-MDS | prior of 3.8 A007(Only AWS) | Windows |
□ Solution
o Update software over reverseWall-MDS 3.8 A008 version or higher.
□ Reference
[1] http://www.secuever.com
□ Acknowledgements
o Thanks to Kim Juyong for reporting this vulnerability.
□ 작성 : 침해사고분석단 취약점분석팀