CVE-2020-9751

CRITICAL

Naver Cloud Explorer < 2.2.2.11 - Remote Code Execution via Untrusted Upgrade File Download

Title source: llm
STIX 2.1

Description

Naver Cloud Explorer before 2.2.2.11 allows the system to download an arbitrary file from the attacker's server and execute it during the upgrade.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_confirm
https://cve.naver.com/detail/cve-2020-9751

Scores

CVSS v3 9.1
EPSS 0.0049
EPSS Percentile 37.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Details

CWE
CWE-494
Status published
Products (1)
naver/cloud_explorer < 2.2.2.11
Published Mar 03, 2020
Tracked Since Feb 18, 2026