CVE-2020-7831
HIGHinogard ebiz4u - Directory Traversal and Arbitrary File Download via Startup Menu
Title source: llmDescription
A vulnerability in the web-based contract management service interface Ebiz4u of INOGARD could allow an victim user to download any file. The attacker is able to use startup menu directory via directory traversal for automatic execution. The victim user need to reboot, however.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35559
Scores
CVSS v3
8.8
EPSS
0.0087
EPSS Percentile
53.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-494
Status
published
Products (1)
inogard/ebiz4u
cviewer_object_1.0.5.1
Published
Aug 24, 2020
Tracked Since
Feb 18, 2026