본문내용 바로가기 메인메뉴 바로가기 하단내용 바로가기

Security Advisory

Security Advisory Detail
CVE-2019-17327 | TmaxSoft JEUS directory traversal vulnerability2019.11.08
□ Overview

 o TmaxSoft released security update to address directory traversal vulnerability in JEUS Web application server.

Vulnerability Type

Impact

Severity

CVE ID

Directory traversal Code execution

MEDIUM(6.8)

CVE-2019-17327

 

□ Description

 o JEUS Web application server contains a directory traversal vulnerability caused by improper input parameter check when uploading installation file in administration web page. That leads remote attacker to execute arbitrary code via uploaded file.

 

□ Affected Product

Product version
JEUS 7 Fix #0~5
JEUS 8 Fix #0~1


□ Solution

 o Download and install versions of the latest software at following web link.

 

□ Reference site

https://technet.tmaxsoft.com/ko/front/support/notice/viewNotice.do?board_seq=CUST-20191031-000005

 

□ Acknowledgements

 o Thanks to Sangsub Lee for reporting this vulerability