CVE-2020-7831
First published: Mon Aug 24 2020(Updated: )
A vulnerability in the web-based contract management service interface Ebiz4u of INOGARD could allow an victim user to download any file. The attacker is able to use startup menu directory via directory traversal for automatic execution. The victim user need to reboot, however.
Credit: vuln@krcert.or.kr
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Inogard Ebiz4u | =cviewer_object_1.0.5.1 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2020-7831?
CVE-2020-7831 is a vulnerability in the web-based contract management service interface Ebiz4u of INOGARD that could allow a victim user to download any file and an attacker to use startup menu directory via directory traversal for automatic execution.
How severe is CVE-2020-7831?
CVE-2020-7831 has a severity rating of 8.8 (high).
How does CVE-2020-7831 affect the Inogard Ebiz4u software?
CVE-2020-7831 affects the Inogard Ebiz4u software, allowing a victim user to download any file.
What action is required to fix CVE-2020-7831?
To fix CVE-2020-7831, it is recommended to apply the necessary patches or updates provided by INOGARD for their Ebiz4u software.
Where can I find more information about CVE-2020-7831?
You can find more information about CVE-2020-7831 at the following link: https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35559
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/last-modified-date
- agent/tags
- agent/softwarecombine
- agent/first-publish-date
- agent/description
- agent/event
- vendor/inogard
- canonical/inogard ebiz4u
- version/inogard ebiz4u/cviewer_object_1.0.5.1
- vendor/microsoft
- canonical/microsoft windows