漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
RAONWIZ Inc K Upload, arguments modiffication via missing support for integrity check vulnerability
Vulnerability Description
In RAONWIZ K Upload v2018.0.2.51 and prior, automatic update processing without integrity check on update module(web.js) allows an attacker to modify arguments which causes downloading a random DLL and injection on it.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:H
Vulnerability Type
缺失完整性检查支持
Vulnerability Title
Raonwiz K Upload 参数注入漏洞
Vulnerability Description
Raonwiz K Upload是韩国Raonwiz公司的一款文件传输组件。 RAONWIZ K Upload 2018.0.2.51及之前版本中存在安全漏洞。攻击者可利用该漏洞修改参数,下载任意DLL文件并进行注入操作。
CVSS Information
N/A
Vulnerability Type
N/A