본문내용 바로가기 메인메뉴 바로가기 푸터 바로가기

Security Advisory

CVE-2020-7819 | nTrackSystem secure USB management solution SQL-Injection vulnerability2021.09.06
□ Overview
 o nTrackSystem Co.,Ltd released security update to address SQL-Injection vulnerability in nTracker USB Enterprise.(secure USB management solution)
Vulnerability Type Impact Severity CVSS Score CVE ID
SQL-Injection Information Exposure Critical 9.3 CVE-2020-7819

□ Description
 o A SQL-Injection vulnerability in the nTracker USB Enterprise(secure USB management solution) allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information. (CVE-2020-7819)

□ Affected Product
Product Version Platform
nTracker USB Enterprise 5 Windows

□ Solution
 o Install patch programs with nTracker USB Enterprise 5 to solve this vulnerability.

□ Reference
 [1] http://www.ntracker.kr

□ Etc
 o Thanks to Seungyeon Han for reporting this vulnerability.


□ 작성 : 침해사고분석단 취약점분석팀