o INOGARD released security update to address arbitrary remote file download vulnerability in Ebiz4u.
|Remote File Download
||Remote File Execution
o A vulnerability in the web-based contract management service interface Ebiz4u of INOGARD could allow an victim user to download any file. The attacker is
able to use startup menu directory via directory traversal for automatic execution. The victiom user need to reboot, however.
□ Affected Product
||CViewer Object 220.127.116.11
o Update programs over CViewer Object 18.104.22.168 version or higher.
o Thanks to Dong Hyeon Yoo for reporting this vulnerability.
□ 작성 : 침해사고분석단 취약점분석팀