CVE-2020-7830
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
RAONWIZ v2018.0.2.50 and earlier versions contains a vulnerability that could allow remote files to be downloaded by lack of validation. Vulnerabilities in downloading with Kupload agent allow files to be downloaded to arbitrary paths due to insufficient verification of extensions and download paths. This issue affects: RAONWIZ RAON KUpload 2018.0.2.50 versions and earlier.
RAONWIZ versiones v2018.0.2.50 y anteriores, contienen una vulnerabilidad que podría permitir la descarga de archivos remotos por una falta de comprobación. Las vulnerabilidades en la descarga con el agente Kupload permiten que los archivos se descarguen en rutas arbitrarias debido a una verificación insuficiente de las extensiones y rutas de descarga. Este problema afecta a: RAONWIZ RAON KUpload versiones 2018.0.2.50 y anteriores
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-01-22 CVE Reserved
- 2020-09-02 CVE Published
- 2023-05-19 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35582 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Raonwiz Search vendor "Raonwiz" | Raon Kupload Search vendor "Raonwiz" for product "Raon Kupload" | <= 2018.0.2.50 Search vendor "Raonwiz" for product "Raon Kupload" and version " <= 2018.0.2.50" | - |
Affected
| ||||||