Unrated severityNVD Advisory· Published Apr 22, 2021· Updated Aug 4, 2024

AquaNPlayer directory traversing vulnerability

CVE-2020-7858

Description

There is a directory traversing vulnerability in the download page url of AquaNPlayer 2.0.0.92. The IP of the download page url is localhost and an attacker can traverse directories using "dot dot" sequences(../../) to view host file on the system. This vulnerability can cause information leakage.

Affected products

AquaNPlayer/AquaNPlayerllm-create
Range: =2.0.0.92
cdnetworks/AquaNPlayerv5
Range: 2.0.0.92

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.boho.or.kr/krcert/secNoticeView.domitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000