PT-2020-19805 · Raonwiz · Raonwiz K Upload
Soonchan Hwang · Published 2020-05-21 · Updated 2023-05-08 · CVE-2020-7808
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
RAONWIZ K Upload versions 2018.0.2.51 and prior
Description
The issue allows an attacker to modify arguments in the update module, specifically in the web.js file, because automatic update processing performs no integrity check. This can lead to an arbitrary DLL being downloaded and then injected.
Recommendations
For RAONWIZ K Upload versions 2018.0.2.51 and prior, consider disabling the automatic update feature until a patch is available to prevent potential exploitation. Restrict access to the update module, specifically the web.js file, to minimize the risk of DLL injection.
Fix
Argument Injection
Related Identifiers
Affected Products
Raonwiz K Upload