CVE-2020-7851

HIGH

Innorix Web-Based File Transfer Solution <9.2.18.385 - RCE

Title source: llm

Description

Innorix Web-Based File Transfer Solution versuibs prior to and including 9.2.18.385 contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the internal method. A remote attacker could induce a user to access a crafted web page, causing damage such as malicious code infection.

References (2)

[Product, Vendor Advisory] https://www.innorix.com/ko/

[Third Party Advisory] https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35984

Scores

CVSS v3 7.8

EPSS 0.0033

EPSS Percentile 55.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE

CWE-88

Status published

Affected Products (1)

innorix/file_transfer_solution < 9.2.18.382

Timeline

Published Apr 19, 2021

Tracked Since Feb 18, 2026