본문내용 바로가기 메인메뉴 바로가기 푸터 바로가기

Security Advisory

CVE-2020-7871 | Helpcom arbitrary command execution vulnerability2021.06.24
□ Overview
 o Cnesty released security update to address command execution vulnerability in Helpcom.
 
□ Description
 o A vulnerability of Helpcom could allow an unauthenticated attacker to execute arbitrary command. This vulnerability exists due to insufficient validation of the parameter(CVE-2020-7857).
 
□ Affected Product
Product Version
Helpcom Previous version of 10.0
 
□ Solution
 o Update latest version of Helpcom.

□ Acknowledgements
 o Thanks to Jeongun Baek for reporting this vulnerability.


□ 작성 : 침해사고분석단 취약점분석팀