Jinwoo Park

**Name of the Vulnerable Software and Affected Versions** Naver Cloud Explorer versions prior to 2.2.2.11 **Description** The issue allows an attacker to download and execute an arbitrary file from their server during the upgrade process. **Recommendations** For versions prior to 2.2.2.11, update to version 2.2.2.11 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Naver Vaccine version 2.1.4 **Description** The issue allows remote attackers to overwrite arbitrary files via directory traversal sequences in a filename within nsz archive. This is due to a problem in the nsGreen.dll component. **Recommendations** For Naver Vaccine version 2.1.4, consider updating to a newer version that addresses this issue, if available. As a temporary workaround, restrict access to the nsGreen.dll component to minimize the risk of exploitation.