An improper input validation vulnerability of ZOOK software (remote administration tool) could allow a remote attacker to create arbitrary file. The ZOOK viewer has the "Tight file CMD" function to create file. An attacker could create and execute arbitrary file in the ZOOK agent program using "Tight file CMD" without authority.
References
Link | Resource |
---|---|
https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36090 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: krcert
Published: 2021-06-29T13:48:53
Updated: 2021-06-29T13:48:53
Reserved: 2020-01-22T00:00:00
Link: CVE-2020-7869
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-06-29T14:15:08.237
Modified: 2021-07-02T19:09:33.757
Link: CVE-2020-7869
JSON object: View
Redhat Information
No data.
CWE