CVE-2020-9751
CRITICALNaver Cloud Explorer < 2.2.2.11 - Download Without Integrity Check
Title source: ruleDescription
Naver Cloud Explorer before 2.2.2.11 allows the system to download an arbitrary file from the attacker's server and execute it during the upgrade.
References (1)
Scores
CVSS v3
9.1
EPSS
0.0015
EPSS Percentile
34.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Details
CWE
CWE-494
Status
published
Products (1)
naver/cloud_explorer
< 2.2.2.11
Published
Mar 03, 2020
Tracked Since
Feb 18, 2026