CVE-2020-7817
MEDIUMk_upload < 6.2.2018.529 - Arbitrary File Download via Setup.inf
Title source: llmDescription
MyBrowserPlus downloads the files needed to run the program through the setup file (Setup.inf). At this time, there is a vulnerability in downloading arbitrary files due to insufficient integrity verification of the files.
References (2)
Core 2
Core References
Product x_refsource_misc
http://www.activesoft.co.kr/demo.html
Third Party Advisory x_refsource_misc
https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35549
Scores
CVSS v3
5.5
EPSS
0.0028
EPSS Percentile
19.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Details
CWE
CWE-494
Status
published
Products (1)
raonwiz/k_upload
< 6.2.2018.529
Published
Aug 06, 2020
Tracked Since
Feb 18, 2026