This vulnerability is caused by the lack of validation of input values for specific functions if WISA Smart Wing CMS. Remote attackers can use this vulnerability to leak all files in the server without logging in system.
References
Link | Resource |
---|---|
https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66875 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: krcert
Published: 2022-08-17T20:21:29
Updated: 2022-08-17T20:21:29
Reserved: 2021-02-03T00:00:00
Link: CVE-2021-26639
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-08-17T21:15:08.487
Modified: 2022-08-24T13:48:44.157
Link: CVE-2021-26639
JSON object: View
Redhat Information
No data.