Joengun Baek

#13590of 53,633
19.6Total CVSS
Vulnerabilities · 2
Critical
2
PT-2020-19816
9.8
2020-07-02
Nexacro · Nexacro14/17 Extcommonapiv13 Library · CVE-2020-7820
**Name of the Vulnerable Software and Affected Versions** Nexacro14/17 ExtCommonApiV13 Library versions prior to 2019.9.6 **Description** The issue allows a remote attacker to execute arbitrary code by setting the arguments to the vulnerable API, which can be leveraged for code execution by rebooting the victim's PC. **Recommendations** For versions prior to 2019.9.6, update to a version 2019.9.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable API to minimize the risk of exploitation.
PT-2020-19817
9.8
2020-07-02
Nexacro · Nexacro · CVE-2020-7821
**Name of the Vulnerable Software and Affected Versions** Nexacro14/17 ExtCommonApiV13 Library versions prior to 2019.9.6 **Description** The issue allows a remote attacker to execute arbitrary code by modifying the value of a registry path. This can be leveraged for code execution by rebooting the victim's PC. **Recommendations** For versions prior to 2019.9.6, update to a version 2019.9.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the registry path to minimize the risk of exploitation.