본문내용 바로가기 메인메뉴 바로가기 하단내용 바로가기

Security Advisory

Security Advisory Detail
CVE-2020-7808 | RAONWIZ Inc K Upload, arguments modiffication via missing support for integrity check vulnerability2020.05.19
□ Overview
 o Arguments modification via missing support for integrity check vulnerability of RAONWIZ Inc K Upload
 
 
Vulnerability type Impact Severity CVSS Score CVE ID
Missing support for integrity check Dll Injection High 8.7 CVE-2020-7808
Arguments Modification
 
□ Description
 o Automatic update processing without integrity check on update module(web.js) allows an attacker to modify arguments which causes downloading a random DLL and injection on it.
 
□ Affected Products
Product Version Platform
RAONWIZ K Upload v2018.0.2.51 and prior windows 7/8/10
 
□ Solution
 o Update software over 2018.0.2.52 version or over then it.
 
□ Acknowledgement
 o Thanks to Soonchan Hwang for this vulnerability report.
 



□ 작성 : 침해사고분석단 취약점분석팀