o INOGARD released security update to address arbitrary remote file download vulnerability in Ebiz4u.
Remote File Download
Remote File Execution
o A vulnerability in the web-based contract management service interface Ebiz4u of INOGARD could allow an victim user to download any file. The attacker is
able to use startup menu directory via directory traversal for automatic execution. The victiom user need to reboot, however.
□ Affected Product
CViewer Object 184.108.40.206
o Update programs over CViewer Object 220.127.116.11 version or higher.
o Thanks to Dong Hyeon Yoo for reporting this vulnerability.