PT-2020-19811 · Raon · Raonwiz
Published 2020-07-10 · Updated 2021-07-21
CVE-2020-7814
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
RAONWIZ versions prior to 2018.0.2.51
Description
The issue stems from a lack of validation of file extensions, which could allow remote files to be downloaded and executed. Attackers can use this for remote code execution. The vulnerability is in the RAON KUpload component of RAONWIZ.
Recommendations
For versions prior to 2018.0.2.51, update to version 2018.0.2.51 or later to resolve the issue. As a temporary workaround, consider restricting access to the RAON KUpload component to minimize the risk of exploitation. Avoid using the vulnerable file download and execution functionality in RAONWIZ until the issue is resolved.
Fix
RCE
Affected Products
Raonwiz