Raonwiz · Raonwiz K Editor · CVE-2020-29157
Name of the Vulnerable Software and Affected Versions:
RAONWIZ K Editor version 2018.0.0.10
Description:
An issue in the software allows attackers to perform a DLL hijacking attack when the service or system is restarted. This occurs due to a problem where the system can be tricked into loading a malicious DLL, potentially leading to code execution.
Recommendations:
For RAONWIZ K Editor version 2018.0.0.10, consider disabling the loading of external DLLs until a patch is available. Restrict access to the system or service restart functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.