본문내용 바로가기 메인메뉴 바로가기 하단내용 바로가기

Security Advisory

Security Advisory Detail
CVE-2020-7814 | RAONWIZ KUpload File Download and Execution Vulnerability2020.07.03
□ Overview
o RAONwiz Co,Ltd released security update to address a file download and execution vulnerability in KUpload.
Vulnerability Type Impact Severity CVSS Score CVE ID
File download & execution Code Execution High 7.8 CVE-2020-7814
 
□ Description
o KUpload contains a vulnerability that could allow remote attacker to download and execute remote arbitrary file by lack of validation to file extension.(CVE-2020-7814)
 
□ Affected Product
Product Version PlatForm
RAON KUpload 2018.0.2.50 and prior Windows
 
□ Solution
o Update software over RAON KUpload 2018.0.2.51 version or higher.
 
□ Reference
http://www.raonk.com/page/customs/modify.aspx?pSeq=16&pageno=1
 
 
□ 작성 : 침해사고분석단 취약점분석팀