CVE-2020-7869

Published at:
2021-06-29T14:15:08.237
Source: [email protected]

Global infos:

An improper input validation vulnerability of ZOOK software (remote administration tool) could allow a remote attacker to create arbitrary file. The ZOOK viewer has the "Tight file CMD" function to create file. An attacker could create and execute arbitrary file in the ZOOK agent program using "Tight file CMD" without authority.

CVE Status: Modified

References:

  • [email protected]
  • af854a3a-2127-422b-91ae-364da2661108
    •

    Metrics:

    AttributeValue
    Attack ComplexityLOW
    Attack VectorNETWORK
    Availability ImpactHIGH
    Base Score9
    Base SeverityCRITICAL
    Confidentiality ImpactHIGH
    Integrity ImpactHIGH
    Privileges RequiredLOW
    ScopeCHANGED
    User InteractionREQUIRED
    Vector StringCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
    Exploitability Score2.3
    Impact Score6
    Source[email protected]
    TypeSecondary

    Links:

    Exploit-db
    Github

    Most recherched CVEs
    Popular Keywords