CVE-2020-7882
anySign directory traversal vulnerability
Using the parameter of getPFXFolderList function, attackers can see the information of authorization certification and delete the files. It occurs because the parameter contains path traversal characters(ie. '../../../')
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected products
Hancomwith · anySign4PCWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →