본문내용 바로가기 메인메뉴 바로가기 하단내용 바로가기

Security Advisory

Security Advisory Detail
CVE-2020-7830 | Raonwiz KUpload Remote file download vulnerability2020.09.02
□ Overview
o RAONwiz Co,Ltd released security update to address a remote file download vulnerability in KUpload.
Vulnerability Type Impact Severity CVSS Score CVE ID
File download Code Execution High 7.8 CVE-2020-7830
 
□ Description
o Vulnerabilities in downloading with Kupload agent that allow files to be downloaded to arbitrary paths due to insufficient verification of extensions and download paths.(CVE-2020-7830)
 
□ Affected Product
Product Version PlatForm
RAON KUpload 2018.0.2.50 and prior Windows
 
□ Solution
o Update software over RAON KUpload 2018.0.2.50 version or higher.
 
□ Reference
http://www.raonk.com/page/customs/modify.aspx?pSeq=16&pageno=1
 
 
□ 작성 : 침해사고분석단 취약점분석팀