CVE-2021-33592

EPSS 2.1%CWE-20

NAVER Toolbar before 4.0.30.323 allows remote attackers to execute arbitrary code via a crafted upgrade.xml file. Special characters in filename parameter can be the cause of bypassing code signing check function.

Affected products

NAVER · NAVER Toolbar

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://cve.naver.com/detail/cve-2021-33592