본문내용 바로가기 메인메뉴 바로가기 푸터 바로가기

Security Advisory

CVE-2020-7857 | XPlatform ActiveX arbitrary command execution vulnerability2021.04.20
□ Overview
 o Tobesoft released security update to address arbitrary command execution vulnerability in XPlatform.

□ Description
 o A vulnerability of XPlatform could allow an unauthenticated attacker to execute arbitrary command. This vulnerability exists due to insufficient validation of improper classes(CVE-2020-7857).
 
□ Affected Product
Product Version
XPlatform Previous version of 9.2.2.280
 
□ Solution
 o Update latest version(9.2.2.280) of XPlatform

□ Acknowledgements
 o Thanks to Jeongun Baek for reporting this vulnerability


□ 작성 : 침해사고분석단 취약점분석팀