o cdnetworks released security update to address information leakage through directory traversing vulnerability in AquaNPlayer(media player).
o There is a directory traversing vulnerability in the download page url of AquaNPlayer. The IP of the download page url is localhost and attacker
can traverse directories using "dot dot" sequences(../../) to view host file on the system. This vulnerability can cause information leakage .
□ Affected Product
o Update program over AquaNPlayer 18.104.22.168 version or higher.
o Thanks to Yeonghoon Lee for reporting these vulnerabilities.
□ 작성 : 침해사고분석단 취약점분석팀