Naver Cloud Explorer before 2.2.2.11 allows the attacker can move a local file in any path on the filesystem as a system privilege through its named pipe.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HNaver Cloud Explorer
APPNaver< 2.2.2.11
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Powiązane podatności
CVE-2020-9751CRITICAL9.1ten sam produkt
Naver Cloud Explorer before 2.2.2.11 allows the system to download an arbitrary file from the attacker's serve...
CVE-2022-24077HIGH7.8ten sam produkt
Naver Cloud Explorer Beta allows the attacker to execute arbitrary code as System privilege via malicious DLL ...
CVE-2019-13156HIGH7.5ten sam produkt
NDrive(1.2.2).sys in Naver Cloud Explorer has a stack-based buffer overflow, which allows attackers to cause a...
CVE-2025-49223CRITICAL9.8PL ✓ten sam vendor
Prototype pollution w billboard.js umożliwia RCE lub DoS
CVE-2024-28211CRITICAL9.8PL ✓ten sam vendor
Naver nGrinder — RCE przez złośliwy serwer JMX/RMI