Vulnerabilities > CVE-2020-7815 - Unspecified vulnerability in Tobesoft Xplatform

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

tobesoft

critical

NVD

Published: 2020-07-10

Updated: 2021-07-21

Summary

XPLATFORM v9.2.260 and eariler versions contain a vulnerability that could allow remote files to be downloaded by setting the arguments to the vulnerable method. this can be leveraged for code execution. File download vulnerability in ____COMPONENT____ of TOBESOFT XPLATFORM allows ____ATTACKER/ATTACK____ to cause ____IMPACT____. This issue affects: TOBESOFT XPLATFORM 9.2.250 versions prior to 9.2.260 on Windows.

Vulnerable Configurations

Part	Description	Count
Application	Tobesoft Tobesoft Xplatform - Tobesoft Xplatform 9.1 Tobesoft Xplatform 9.2 Tobesoft Xplatform 9.2.0 Tobesoft Xplatform 9.2.1 Tobesoft Xplatform 9.2.2 Tobesoft Xplatform 9.2.2.80 Tobesoft Xplatform 9.2.2.250 Tobesoft Xplatform 9.2.2.260	9
OS	Microsoft Microsoft Windows -	1

Summary

Vulnerable Configurations

References