본문내용 바로가기 메인메뉴 바로가기 하단내용 바로가기

Security Advisory

Security Advisory Detail
CVE-2020-7815 | TOBESOFT XPLATFORM File Download Vulnerability2020.07.03
□ Overview
o TOBESOFT Co,Ltd released security update to address a file download vulnerability in XPLATFORM
Vulnerability Type Impact Severity CVSS Score CVE ID
File download Code Execution High 7.8 CVE-2020-7815
 
□ Description
o XPLATFORM contains a vulnerability that could allow remote files to be downloaded by setting the arguments to the vulnerable method. this can be leveraged for code execution. (CVE-2020-7815)
 
□ Affected Product
Product Version PlatForm
XPLATFORM 9.2.2.270 and prior Windows
 
□ Solution
o Update software over XPLATFORM 2020.08.27.1 version or higher.
 
□ Acknowledgements
o Thanks to Jungun Baek for reporthing this vulnerability
 
□ 작성 : 침해사고분석단 취약점분석팀