Vulnerability Details CVE-2020-7869
An improper input validation vulnerability of ZOOK software (remote administration tool) could allow a remote attacker to create arbitrary file. The ZOOK viewer has the "Tight file CMD" function to create file. An attacker could create and execute arbitrary file in the ZOOK agent program using "Tight file CMD" without authority.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 78.6%
CVSS Severity
CVSS v3 Score 9.0
CVSS v2 Score 9.0
References
Products affected by CVE-2020-7869
-
cpe:2.3:a:mastersoft:zook:2.0.4.6
-
cpe:2.3:o:microsoft:windows:-