← back
CVE-2020-7869

CVE-2020-7869

CVSS 9 CRITICALEPSS 1.6%CWE-20
Vexday Risk Score
28Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 9EPSS 1.6%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
29 Jun 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An improper input validation vulnerability of ZOOK software (remote administration tool) could allow a remote attacker to create arbitrary file. The ZOOK viewer has the "Tight file CMD" function to create file. An attacker could create and execute arbitrary file in the ZOOK agent program using "Tight file CMD" without authority.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Affected products
mastersoft · ZOOK

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →