□ Overview
o TmaxSoft released security update to address directory traversal vulnerability in JEUS Web application server.
Vulnerability Type
|
Impact
|
Severity
|
CVE ID
|
Directory traversal |
Code execution |
MEDIUM(6.8)
|
CVE-2019-17327
|
□ Description
o JEUS Web application server contains a directory traversal vulnerability caused by improper input parameter check when uploading installation file in administration web page. That leads remote attacker to execute arbitrary code via uploaded file.
□ Affected Product
Product |
version |
JEUS 7 |
Fix #0~5 |
JEUS 8 |
Fix #0~1 |
□ Solution
o Download and install versions of the latest software at following web link.
□ Reference site
https://technet.tmaxsoft.com/ko/front/support/notice/viewNotice.do?board_seq=CUST-20191031-000005
□ Acknowledgements
o Thanks to Sangsub Lee for reporting this vulerability |