본문내용 바로가기 메인메뉴 바로가기 하단내용 바로가기

Security Advisory

Security Advisory Detail
CVE-2019-19163 | COMMAX WallPad Code Execution Vulnerability2020.06.29

□ Overview
 o COMMAX Co,Ltd released security update to address File Upload vulnerability in WallPad(CDP-1020MB)

    Firmware.

Vulnerability Type Impact Severity CVSS Score CVE ID
File Upload Code Execution High 7.5 CVE-2019-19163


□ Description
 o A Vulnerability in the firmware of COMMAX WallPad(CDP-1020MB) allow an unauthenticated adjacent attacker

    to execute arbitrary code, because of a using the old version of MySQL.

□ Affected Product

Product Version
CDP-1020MB prior to 2019.12.30

□ Solution
 o Update software over COMMAX WallPad(CDP-1020MB) Firmware 2019.12.30 version or higher.

□ Acknowledgements
 o Thanks to SeongJun Jo for reporting this vulnerability.

□ Reference
 [1] https://www.commax.com/index.php?cate1=10&cate2=21&cate3=23&nnum=2016


□ 작성 : 침해사고분석단 취약점분석팀