CVE-2020-7862

HIGH

HelpU Remote Control Solution - Authenticated Remote Code Execution via Customer Process Communication

Title source: llm
STIX 2.1

Description

A vulnerability in agent program of HelpU remote control solution could allow an authenticated remote attacker to execute arbitrary commands This vulnerability is due to insufficient input santization when communicating customer process.

References (2)

Core 2
Core References
Vendor Advisory x_refsource_misc
https://helpu.co.kr/customer/download.html

Scores

CVSS v3 7.0
EPSS 0.0111
EPSS Percentile 61.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-120 CWE-20
Status published
Products (4)
helpu/helpuftclient 3.0.0.0
helpu/helpuftserver 3.0.0.0
helpu/helpuserver 1.0.0.2
helpu/helpuviewer 2018.5.21.0
Published Jun 24, 2021
Tracked Since Feb 18, 2026